[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

portmap vulnerability?

From: Sam Quigley <osquigle cs uchicago edu>
To: linux-security redhat com
Cc: BUGTRAQ netspace org
Subject: portmap vulnerability?
Date: 05 Dec 1998 17:50:38 -0600

Are there any known vulnerabilities in portmap (redhat's
portmap-4.0-7b)?  I've been receiving a lot of attempts to access the
portmap port on some linuxppc machines I administer by various
machines which clearly have no business with mine, and I wonder if
this is an attempt to break in to my machines.

I've searched some archives, but I haven't yet found any known
vulnerabilities in portmap that are likely to lead to any compromise
of system security.  If this is indeed a hack attempt (I believe it
is), then this suggests that (a) there's some well-known vulnerability 
that I have been unable to find out about, or (b) this is a new
exploit.

I haven't yet looked at the source to see if there are any obvious
problems with portmap (buffer overflows, etc.), but I suspect that
there may be.

-sq

Follow-Ups:
- [linux-security] Re: portmap vulnerability?
  - From: Suchandra Thapa
- [linux-security] Re: portmap vulnerability?
  - From: Wietse Venema
- [linux-security] Re: portmap vulnerability?
  - From: Sam Quigley

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]