[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: hack attempt? [Unfixed RedHat Vulnerability????]

From: "Adam Alexander" <adam alexander lu>
To: <redhat-list redhat com>
Subject: Re: hack attempt? [Unfixed RedHat Vulnerability????]
Date: Wed, 10 Feb 1999 19:43:05 -0500

>Definitely.  This is the mountd buffer overflow exploit.  The fix is to
>get the very latest nfs-server RPM from rawhide.


I run a redhat 5.2 server at work and I keep up with all the errata that
redhat publishes on its website.  Can I assume from this information that
there is a known vulnerability in the redhat nfs server that does not have
an official patch?  If so, does anyone have a website that would corroborate
this information?  Redhat says on their errata page that the nfs server is
not vulnerable in redhat 5.2.  I would tend to trust this unless I heard
different from an extremely reliable source.  Also, if the nfs server is
vulnerable, how effective would tcp wrappers be in preventing unwanted
intruders assuming that running the nfs server is necessary?

Adam Alexander

Follow-Ups:
- CERN ALERT WUFTPD has vulnerability. Get patch ASAP
  - From: Keith Wyatt
- Re: hack attempt? [Unfixed RedHat Vulnerability????]
  - From: Stefan Miltchev

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]