Vulnerability Development mailing list archives

Re: Remote exploitation of network scanners?

From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Thu, 31 Aug 2000 13:37:05 +0200

I'm not overly familiar with this "Snoop" or any other of these scanners,
but....

Can't they be placed inside some kind of home-made containment (sandbox,
or what ever word you prefere). Such as chrooting, dropping capability to
chroot and so on. [would be better if the developers themselves adding
this to their scanners, but until then]

Snoop RPC buffer overflow.
Very amusing, especially if you use snoop 24x7 as a kinda homegrown IDS  ;-)
Dom
PS. Oh, and yes, it's a remote root thang.


..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team

Current thread:

Re: Remote exploitation of network scanners?, (continued)
- - - Re: Remote exploitation of network scanners? Lincoln Yeoh (Aug 26)
    - Re: Remote exploitation of network scanners? Ricardo Anguiano (Aug 26)
    - Re: Remote exploitation of network scanners? Ryan Sweat (Aug 26)
  - Re: Remote exploitation of network scanners? Adam Prato (Aug 25)
    - Re: Remote exploitation of network scanners? Fyodor (Aug 26)
    - Re: Remote exploitation of network scanners? Marshall Beddoe (Aug 26)
  - Re: Remote exploitation of network scanners? Cashdollar, Larry (Aug 25)
  - Re: Remote exploitation of network scanners? Renaud Deraison (Aug 26)
  - Re: Remote exploitation of network scanners? antirez (Aug 26)
    - Re: Remote exploitation of network scanners? Domenico De Vitto (Aug 30)
    - Re: Remote exploitation of network scanners? Bluefish (P.Magnusson) (Aug 31)