Vulnerability Development mailing list archives
Re: Remote exploitation of network scanners?
From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Thu, 31 Aug 2000 13:37:05 +0200
I'm not overly familiar with this "Snoop" or any other of these scanners, but.... Can't they be placed inside some kind of home-made containment (sandbox, or what ever word you prefere). Such as chrooting, dropping capability to chroot and so on. [would be better if the developers themselves adding this to their scanners, but until then]
Snoop RPC buffer overflow. Very amusing, especially if you use snoop 24x7 as a kinda homegrown IDS ;-) Dom PS. Oh, and yes, it's a remote root thang.
..:::::::::::::::::::::::::::::::::::::::::::::::::.. http://www.11a.nu || http://bluefish.11a.nu eleventh alliance development & security team
Current thread:
- Re: Remote exploitation of network scanners?, (continued)
- Re: Remote exploitation of network scanners? Lincoln Yeoh (Aug 26)
- Re: Remote exploitation of network scanners? Ricardo Anguiano (Aug 26)
- Re: Remote exploitation of network scanners? Ryan Sweat (Aug 26)
- Re: Remote exploitation of network scanners? Adam Prato (Aug 25)
- Re: Remote exploitation of network scanners? Fyodor (Aug 26)
- Re: Remote exploitation of network scanners? Marshall Beddoe (Aug 26)
- Re: Remote exploitation of network scanners? Cashdollar, Larry (Aug 25)
- Re: Remote exploitation of network scanners? Renaud Deraison (Aug 26)
- Re: Remote exploitation of network scanners? antirez (Aug 26)
- Re: Remote exploitation of network scanners? Domenico De Vitto (Aug 30)
- Re: Remote exploitation of network scanners? Bluefish (P.Magnusson) (Aug 31)