Bugtraq mailing list archives
Re: rpc.cmsd?
From: rafi () tavor openu ac il (Rafi Sadowsky)
Date: Tue, 19 Jul 1994 13:54:48 +0300 (IDT)
oops - forgot the cc's - so here goes - Subject: Re: rpc.cmsd? To: perry () imsi com Date: Tue, 19 Jul 1994 12:19:01 +0300 (IDT) From: rafi Perry E. Metzger wrote:
jsz says:>> I've heard there is some method of exploiting rpc.cmsd -- anyone >> have any information on this? jsz> Perhaps What does that mean???It means that it's quite likely that rpc.cmsd is vulnerable, and there is a good chance to locate a security problem in it, which may allow you gain access to a system from remote, another root-from-remote, if you want.If you know a hole, the purpose of Bugtraq is to describe it so that we can all make ourselves safe. If you don't know of one, please don't make us paranoid unnecessarily. If you know of one and won't tell us what it is, then you are not helping anyone and you are not following the charter of this list. Perry
[ I apoligise if this is a case of mistaken identity - but I think not ] given that jsz is a ( hopefully :-) reformed ex-cracker ( better known as "yo" ) I'm somewhat suspicious of his motives ... (of course I'm a reformed ex-cracker myself - but thats another story... :-) of course if you're worried about remote users cracking your rpc.cmsd you should at least use tcp_wrappers to protect it from offsite users (combined with an approriate router setup - to prevent forged IP source address of course ...) well Yonatan(you are jsz aren't you ?) - is that enough provocation to get some more details from you ? Rafi -- +-------------------------------+---------------------------------------+ | Rafi Sadowsky | rafi () tavor openu ac il | | Comp.Sci. dept |-[also postmaster () openu ac il]---------+ | Open University of Israel | Voice: +972-3-6460592 | | Tel-Aviv, Israel | Fax: +972-3-6460483 | +-------------------------------+---------------------------------------+
Current thread:
- rpc.cmsd? James W. Abendschan (Jul 15)
- Re: rpc.cmsd? jsz (Jul 16)
- Re: rpc.cmsd? Rens Troost (Jul 18)
- Re: rpc.cmsd? jsz (Jul 18)
- Re: rpc.cmsd? Perry E. Metzger (Jul 18)
- Re: rpc.cmsd? Rafi Sadowsky (Jul 19)
- Re: rpc.cmsd? Scott D. Yelich (Jul 19)
- xnews and XDM Paul Howell (Jul 20)
- Re: rpc.cmsd? jsz (Jul 20)
- Re: rpc.cmsd? Perry E. Metzger (Jul 20)
- Re: rpc.cmsd? Rens Troost (Jul 18)
- Re: rpc.cmsd? jsz (Jul 16)
- Re: rpc.cmsd? Marc W. Mengel (Jul 19)
- Re: rpc.cmsd? Paul Daw (Jul 18)
- Re: rpc.cmsd? Mark (Jul 18)
- Re: rpc.cmsd? Rens Troost (Jul 19)
- Re: rpc.cmsd? Alfonso Gutierrez (Jul 19)