[22910] in bugtraq
OSX remote root *more info*
daemon@ATHENA.MIT.EDU (dotslash@snosoft.com)
Fri Oct 19 12:21:19 2001
Date: Wed, 17 Oct 2001 20:13:46 -0700
Content-Type: text/plain; charset=US-ASCII; format=flowed
Mime-Version: 1.0 (Apple Message framework v472)
Cc: recon@snosoft.com
To: bugtraq@securityfocus.com
From: dotslash@snosoft.com
Content-Transfer-Encoding: 7bit
Message-Id: <248366C0-C376-11D5-A84D-00039305969A@snosoft.com>

Did a little more research ... it appears nidump makes a query to
portmap to look for netinfobind. If either of these is not listening,
the use of a remote tag with nidump or nireport may fail. A vulnerable
machine should have the following open:

   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
 200100001    1   udp    796  netinfobind
 200100001    1   tcp    799  netinfobind

-KF
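
Added example, not part of the original post: a small audit check that reads saved `rpcinfo -p` output for a host you administer and reports whether both registrations named above (portmapper, program 100000, and netinfobind, program 200100001) are present. The function names and the second sample listing are assumptions constructed for illustration; the first sample is the listing from the post.

```shell
#!/bin/sh
# Added example: audit `rpcinfo -p` output for the RPC registrations
# named in the post (portmapper 100000, netinfobind 200100001).

# Reads rpcinfo -p output on stdin. Prints each matching registration as
# "<service> <port>/<proto>" and a final verdict line.
# Returns 0 when both services are registered (remote NetInfo queries can
# work), 1 when either is missing.
netinfo_exposure() {
    awk '
        # Skip the header and any row that is not a numeric program entry.
        $1 !~ /^[0-9]+$/ || NF < 4 { next }
        $1 == "100000"    { pm = 1; printf "portmapper  %s/%s\n", $4, $3 }
        $1 == "200100001" { ni = 1; printf "netinfobind %s/%s\n", $4, $3 }
        END {
            if (pm && ni) { print "verdict: EXPOSED"; exit 0 }
            print "verdict: not-exposed"
            exit 1
        }
    '
}

# Listing taken from the post.
sample_vulnerable() {
    cat <<'EOF'
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
 200100001    1   udp    796  netinfobind
 200100001    1   tcp    799  netinfobind
EOF
}

# Constructed listing: portmapper present, netinfobind not registered.
sample_filtered() {
    cat <<'EOF'
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp   1011  status
EOF
}

sample_vulnerable | netinfo_exposure
sample_filtered | netinfo_exposure || true
```

Against a live host, feed the function the output of `rpcinfo -p <host>` instead of the embedded samples.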