Bugtraq mailing list archives
Re: Exploit of rpc.cmsd
From: casper () HOLLAND SUN COM (Casper Dik)
Date: Thu, 15 Jul 1999 23:58:04 +0200
(What about Solaris 2.4?)
Both CDE 1.0.1/1.0.2 (which have seperate rpc.cmsd binaries; these were merged in later releases) and Solaris 2.4 patches will be released at a later date.
Be aware that when these patches[*] are applied, the existing rpc.cmsd process (if one exists) seems to be killed in a *prepatch* script--that is, *before* the programs are updated.
Thanks for noticing this; I've notified the persons responsible for this patch; it will be addressed in a future release.
I couldn't begin to speculate about why Sun didn't make this a postpatch script rather than a prepatch script.
Neither could I; it's a mistake. Casper
Current thread:
- Exploit of rpc.cmsd Bob Todd (Jul 09)
- Re: Exploit of rpc.cmsd Andy Polyakov (Jul 09)
- Re: Exploit of rpc.cmsd Andy Polyakov (Jul 10)
- Re: Exploit of rpc.cmsd Andy Polyakov (Jul 11)
- Re: Exploit of rpc.cmsd John Hall (Jul 12)
- Re: Exploit of rpc.cmsd Aleph One (Jul 13)
- Re: Exploit of rpc.cmsd Casper Dik (Jul 14)
- Re: Exploit of rpc.cmsd Dan Astoorian (Jul 15)
- Re: Exploit of rpc.cmsd Casper Dik (Jul 15)
- Re: Exploit of rpc.cmsd Aleph One (Jul 13)
- <Possible follow-ups>
- Re: Exploit of rpc.cmsd Stephen C Woods (Jul 10)
- Re: Exploit of rpc.cmsd Casper Dik (Jul 14)