Bugtraq mailing list archives
portmapper dangers, the scoop
From: wietse () wzv win tue nl (Wietse Venema)
Date: Fri, 5 Jul 1996 14:08:25 -0400
Here's the scoop. To begin with, the following claims were made about vulnerabilities in my "enhanced" portmapper program: - any user can set/unset services registered on privileged ports - any host can set/unset services Both problems were addressed long ago in my version 1 portmapper. I've already commented on the posting of unverified claims so I will shut up about that. The "deep throat" diffs to portmap source code reveal changes that: - make source addresses spoofing slightly more difficult - disallow unprivileged users to set/unset the NFSD port The last change is interesting enough to warrant a source code update. With properly-configured servers, changing the NFSD port makes the NFS service unusable. With servers that execute unprivileged NFS requests, an attacker could manipulate NFS traffic and break into clients. I'll prepare a portmap_5beta.tar.gz version by this weekend. As usual, the site is ftp.win.tue.nl:/pub/security. In the mean time, stay cool. No reason for panic. Wietse
Current thread:
- portmapper dangers, the scoop Wietse Venema (Jul 05)