Bugtraq mailing list archives

Re: NFS shell


From: oliver () SECURENETWORKS COM (Oliver Friedrichs)
Date: Tue, 19 May 1998 12:22:57 -0600


The sources are in:

        ftp://ftp.cs.vu.nl/pub/leendert/nfsshell.tar.gz

Suggestions for improvements are welcome.

Some interesting features that people will probably want to add to this:

- ability to query rpcbind/portmap on port 32771.  rpcbind on (unpatched)
  Solaris listened on a port equal to, or above 32771.  This allows you to
  bypass any filters that may be blocking standard portmap/rpcbind on port
  111.

- ability to perform NFS over port 4045.  Solaris nlockmgr service will
  accept any NFS packets and always listens on port 4045, probably because
  it's a direct path into the kernel like NFS is.  This allows you to
  bypass any filters that may be blocking NFS traffic on port 2049.

Just 2 of a number of undocumented services that we found in Solaris...

- Oliver

 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Network Associates, Inc. 2805 Bowers Ave, Santa Clara, CA, 95051
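
Added example, not part of the original post: a defender-side audit of a first-match packet-filter rule list, reporting which of the ports named above stay reachable when only 111 and 2049 are blocked. The rule format, the sample rule sets, the 65535 upper bound and checking both UDP and TCP are assumptions made for illustration.

```python
# Added example (not from the post): which ports named in the post does a filter leave open?
from typing import NamedTuple

class Rule(NamedTuple):
    action: str   # "deny" or "allow"
    proto: str    # "udp", "tcp" or "any"
    lo: int       # first destination port covered
    hi: int       # last destination port covered

# Ports taken from the post. The upper bound 65535 for the rpcbind range is an
# assumption: the post only says "equal to, or above 32771".
WATCHED = {
    "portmap/rpcbind (standard)": (111, 111),
    "NFS (standard)": (2049, 2049),
    "nlockmgr accepting NFS": (4045, 4045),
    "rpcbind high port": (32771, 65535),
}

def verdict(rules, default, proto, port):
    """Return the action of the first rule matching proto/port, else the default."""
    for r in rules:
        if r.proto in ("any", proto) and r.lo <= port <= r.hi:
            return r.action
    return default

def exposed(rules, default="allow", protos=("udp", "tcp")):
    """Map each watched service to the sorted (proto, lo, hi) spans still allowed."""
    report = {}
    for name, (lo, hi) in WATCHED.items():
        spans = []
        for proto in protos:
            start = None
            for port in range(lo, hi + 2):       # one past hi closes an open span
                open_ = port <= hi and verdict(rules, default, proto, port) == "allow"
                if open_ and start is None:
                    start = port
                elif not open_ and start is not None:
                    spans.append((proto, start, port - 1))
                    start = None
        if spans:
            report[name] = sorted(spans)
    return report

# Constructed rule sets: a deny-list for the well-known ports only, and a default-deny policy.
DENYLIST = [Rule("deny", "any", 111, 111), Rule("deny", "any", 2049, 2049)]
DEFAULT_DENY = [Rule("allow", "tcp", 22, 22)]

if __name__ == "__main__":
    print(exposed(DENYLIST), exposed(DEFAULT_DENY, default="deny"))
```

With the deny-list, 4045 and the whole range from 32771 up are reported as open; with the default-deny rule set the report is empty.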


