Date: Thu, 25 Jan 2001 17:07:09 -0500 (EST) From: Matt Piechota <piechota@argolis.org> To: "Steven G. Kargl" <kargl@troutmask.apl.washington.edu> Cc: <freebsd-security@FreeBSD.ORG> Subject: Re: buffer overflows in rpc.statd? Message-ID: <Pine.BSF.4.31.0101251704570.26544-100000@cithaeron.argolis.org> In-Reply-To: <200101251726.f0PHQei65827@troutmask.apl.washington.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 25 Jan 2001, Steven G. Kargl wrote: > Are there any known compromises of rpc.statd that involve > buffer overflows? I have several entries in /var/log/messages that > look suspicious, but I currently don't know what these entries > mean (see attachment). The suspicious entries appear to be > buffers that someone or something has tried to overflow. I just read a news iten (on www.theregister.co.uk) talking about the Ramen worm that affects Redhat 6.2 and 7.0. One of the exploits it uses is to overrun something in rpc.statd. The URL to the story is http://www.theregister.co.uk/content/6/16375.html, which has a link to the RedHat security advisories. -- Matt Piechota Finger piechota@emailempire.com for PGP key AOL IM: cithaeron To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.31.0101251704570.26544-100000>