Bugtraq mailing list archives

Re: portmapper dangers


From: tqbf () rdist org (Thomas H. Ptacek)
Date: Mon, 1 Jul 1996 04:45:36 +0000


The dangers, according to the code changes I saw, are that the
portmapper will accept set and unset requests from other than the local
machine, and that it will accept set and unset requests for reserved

So I assume the person you've been corresponding with has found a way
to exploit that in some novel, clever way? Like, if you PMAPPROC_SET
something with a weird number it'll barf and give you a shell? Not
to be argumentative, but the fact that you can do unauthenticated sets
and unsets has been documented ever since the O'Reilly RPC book came out
(read the appendices).

And as far as I can tell, if outsiders don't have access to your portmapper
a la portmap3, they still can't do a set or an unset. Has your associate
found a way around Mr. Venema's access control?

---
Thomas Ptacek (tqbf () rdist org)
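
As a defender's view of the set/unset point discussed in this message, the following added example (not part of the original post or of any portmapper source) parses an ONC RPC portmap version 2 call from a UDP payload and flags PMAPPROC_SET or PMAPPROC_UNSET requests whose source is not local. Assumptions: "local" means loopback plus any addresses passed in `local_addrs`, the function names are hypothetical, and the sample payload and addresses are constructed.

```python
import ipaddress
import struct

PMAP_PROG, PMAP_VERS = 100000, 2
PROCS = {1: "PMAPPROC_SET", 2: "PMAPPROC_UNSET"}

def _skip_auth(buf, off):
    """Step over one opaque_auth: flavor, length, body padded to 4 bytes."""
    _flavor, length = struct.unpack_from(">II", buf, off)
    if length > 400:  # ONC RPC limits an auth body to 400 bytes
        raise ValueError("oversized auth body")
    return off + 8 + ((length + 3) & ~3)

def parse_set_unset(payload):
    """Return (proc, mapping) for a portmap v2 SET/UNSET call, else None."""
    try:
        _xid, mtype, rpcvers, prog, vers, proc = struct.unpack_from(">6I", payload, 0)
        if (mtype, rpcvers, prog, vers) != (0, 2, PMAP_PROG, PMAP_VERS):
            return None
        if proc not in PROCS:
            return None
        off = _skip_auth(payload, _skip_auth(payload, 24))  # cred, then verifier
        mapping = struct.unpack_from(">4I", payload, off)   # prog, vers, prot, port
    except (struct.error, ValueError):
        return None  # truncated or malformed datagram
    return proc, dict(zip(("prog", "vers", "prot", "port"), mapping))

def check_datagram(src_ip, payload, local_addrs=()):
    """Alert text when a SET/UNSET arrives from a non-local source, else None."""
    parsed = parse_set_unset(payload)
    src = ipaddress.ip_address(src_ip)
    if parsed is None or src.is_loopback or src_ip in local_addrs:
        return None
    proc, m = parsed
    return (f"{PROCS[proc]} from non-local {src_ip}: prog={m['prog']} "
            f"vers={m['vers']} prot={m['prot']} port={m['port']}")

def sample_call(proc, mapping=(200001, 1, 17, 4045)):
    """Constructed UDP payload: xid 1, 24-byte credential body, empty verifier."""
    head = struct.pack(">6I", 1, 0, 2, PMAP_PROG, PMAP_VERS, proc)
    cred = struct.pack(">II", 1, 24) + b"\0" * 24
    verf = struct.pack(">II", 0, 0)
    return head + cred + verf + struct.pack(">4I", *mapping)

if __name__ == "__main__":
    for src in ("127.0.0.1", "192.0.2.10"):
        print(src, "->", check_datagram(src, sample_call(1)))
```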