[12576] in bugtraq


Re: rpc.nfsd exploit code

daemon@ATHENA.MIT.EDU (Rogier Wolff)
Sun Nov 14 00:24:38 1999

Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-Id:  <199911122316.AAA27924@cave.bitwizard.nl>
Date:         Sat, 13 Nov 1999 00:16:39 +0100
Reply-To: Rogier Wolff <R.E.Wolff@BITWIZARD.NL>
From: Rogier Wolff <R.E.Wolff@BITWIZARD.NL>
X-To:         Mariusz Marcinkiewicz <tmogg@ZIGZAG.PL>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <Pine.LNX.4.20.9911120857240.3164-200000@mail.zigzag.pl> from
              Mariusz Marcinkiewicz at "Nov 12, 1999 09:07:02 am"

Mariusz Marcinkiewicz wrote:
>
> Hi
>
> On Thu, 11 Nov 1999, Crispin Cowan wrote:
>
> > We were unable to get this sploit to actually produce a root shell on an
> > unprotected nfsd.
>
> Sorry, this version of exploit wasn't tested well. Maybe it doesn't work
> in some cases.

Maybe. My experience is that when I send a working exploit to about 20
Linux users who volunteered to test these things, I get about a 50/50
'Whoa that gave me a root shell in a second' versus 'Nope, we're safe:
this doesn't work on .....'

The "bad" guys have the time and take the trouble to tune an exploit
till it works. The "good" guys don't have the time. It's best to take
"there is an exploit" or "this is the exploit" at face value and
upgrade. Really.

				Roger.

--
** R.E.Wolff@BitWizard.nl ** http://www.BitWizard.nl/ ** +31-15-2137555 **
*-- BitWizard writes Linux device drivers for any device you may have! --*
 "I didn't say it was your fault. I said I was going to blame it on you."
