[2099] in linux-security and linux-alert archive
[linux-security] portmap vulnerability?
daemon@ATHENA.MIT.EDU (Sam Quigley)
Sun Dec 6 05:15:22 1998
To: linux-security@redhat.com
cc: BUGTRAQ@netspace.org
From: Sam Quigley <osquigle@cs.uchicago.edu>
Date: 05 Dec 1998 17:50:38 -0600
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com
Are there any known vulnerabilities in portmap (redhat's
portmap-4.0-7b)? I've been receiving a lot of attempts to access the
portmap port on some linuxppc machines I administer by various
machines which clearly have no business with mine, and I wonder if
this is an attempt to break in to my machines.
I've searched some archives, but I haven't yet found any known
vulnerabilities in portmap that are likely to lead to any compromise
of system security. If this is indeed a hack attempt (I believe it
is), then this suggests that (a) there's some well-known vulnerability
that I have been unable to find out about, or (b) this is a new
exploit.
I haven't yet looked at the source to see if there are any obvious
problems with portmap (buffer overflows, etc.), but I suspect that
there may be.
-sq
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null
