Bugtraq mailing list archives
Re: Exploit of rpc.cmsd
From: casper () HOLLAND SUN COM (Casper Dik)
Date: Wed, 14 Jul 1999 10:28:43 +0200
Several exploits for rpc.cmsd seems to be floating around. This vulnerability is being actively exploited. The vulnerability is known to exist at least in Solaris 7, possibly in earlier versions. Sun patch 107022-02 does not fix the vulnerability. Sun has been informed and they are working on a patch. Should be fixed in 107022-03.
The following patches have now been released: 107022-03 CDE 1.3 (Solaris 7/SPARC) 107023-03 CDE 1.3_x86 (Solaris 7/x86) 105567-08 CDE 1.2_x86 (Solaris 2.6) 104976-04 OW 3.5.1 (Solaris 2.5.1) 105124-03 OW 3.5.1_x86 (Solaris 2.5.1_x86) 103251-09 OW 3.5 (Solaris 2.5) 103273-07 OW 3.5_x86 (Solaris 2.5_x86) 101513-14 OW 3.3 (Solaris 2.3) 100523-25 OW 3.0 (SunOS 4.1.3/4.1.3C/4.1.3_U1/4.1.4) Already released was (one week ago): 105566-08 CDE 1.2 (Solaris 2.6/SPARC) Casper
Current thread:
- Exploit of rpc.cmsd Bob Todd (Jul 09)
- Re: Exploit of rpc.cmsd Andy Polyakov (Jul 09)
- Re: Exploit of rpc.cmsd Andy Polyakov (Jul 10)
- Re: Exploit of rpc.cmsd Andy Polyakov (Jul 11)
- Re: Exploit of rpc.cmsd John Hall (Jul 12)
- Re: Exploit of rpc.cmsd Aleph One (Jul 13)
- Re: Exploit of rpc.cmsd Casper Dik (Jul 14)
- Re: Exploit of rpc.cmsd Dan Astoorian (Jul 15)
- Re: Exploit of rpc.cmsd Casper Dik (Jul 15)
- Re: Exploit of rpc.cmsd Aleph One (Jul 13)
- <Possible follow-ups>
- Re: Exploit of rpc.cmsd Stephen C Woods (Jul 10)
- Re: Exploit of rpc.cmsd Casper Dik (Jul 14)