Re: Solaris 10 Port Stealing Vulnerability

[Casper.Dik () Oracle COM]

> Imagine if you find a Solaris system running a web server that has a
> remote exploit which allows for the execution of arbitrary code. If the
> web server happens to be listening on the wildcard interface than you
> can very easily insert your own web server in front of it!


There SO_EXCLBIND setsockopt in Solaris which protects hijacking the port.

Casper