Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Korea (again)

From: lamont () ICOPYRIGHT COM (Granquist, Lamont)
Date: Thu, 27 Jan 2000 09:14:43 -0800

nmap-services has 4333/tcp listed as msql.  is there an msql exploit out
there?  hmmm...

http://oliver.efri.hr/~crv/security/bugs/mUNIXes/msql5.html

?

On Thu, 27 Jan 2000, Kim R. Rasmussen wrote:

I have also had a wide range of portscannings from Korean hosts. As
Fernando, most scannings are aimed at port 111 but there are also some other
exotic ports among them - especially port 2974 and 4333 seem to be of great
interest. Anyone familiar with those ?

----- Original Message -----
From: Fernando Cardoso <fernando () BN PT>
To: <INCIDENTS () SECURITYFOCUS COM>
Sent: Wednesday, January 26, 2000 8:52 PM
Subject: Korea (was RE: ?)



I have LOTS of portscanning (mostly to port 111) from a number of hosts
in Korea. I portscanned them back and find out that at least a couple of
them had port 2222 open. A telnet to that port droped me in a rootshell
without being asked for any password....

Fernando
Previous By Date Next
Previous By Thread Next

Current thread: