[6108] in bugtraq
Re: SMB redirect program for NT
daemon@ATHENA.MIT.EDU (Theo de Raadt)
Wed Feb 11 00:56:05 1998
Date: Tue, 10 Feb 1998 21:05:11 -0700
Reply-To: Theo de Raadt <deraadt@CVS.OPENBSD.ORG>
From: Theo de Raadt <deraadt@CVS.OPENBSD.ORG>
X-To: Weld Pond <weld@L0PHT.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Tue, 10 Feb 1998 21:45:41 EST."
<Pine.BSF.3.96.980210212159.18393A-100000@l0pht.com>
> This program uses the NT port binding vulnerability to redirect a
> machine's SMB services to another machine.
Perhaps it is time to remind people that most Unix systems still have
problems in this same area. On many systems, users can create
"more-specific" or "less-specific" bindings for non-reserved ports,
and thus steal traffic.
It's amusing that a major service this problem happens is with NFS,
the Unix SMB as it were.
