[prev in list] [next in list] [prev in thread] [next in thread] 

List:       debian-security
Subject:    Re: Is there a known rpc.statd buffer overflow?
From:       Rick Moen <rick () linuxmafia ! com>
Date:       2005-11-09 17:11:49
Message-ID: 20051109171149.GO21839 () linuxmafia ! com
[Download RAW message or body]

Quoting Kevin B. McCarty (kmccarty@Princeton.EDU):

> I received the following (see below) in an email from logcheck on my
> home desktop running Sarge.  Looks like an attempt to cause a buffer
> overflow in rpc.statd.  System logs don't include anything else that
> looks suspicious.

That would probably be Ramen, a January 2001 worm that attacks an
rpc.statd bug fixed in summer 2000, plus attacking input validation 
bugs in wu-ftpd v. 2.6 and earlier and LPRng versions earlier than Aug.
2000.

-- 
Cheers,             
Rick Moen                 Support your local medical examiner:  Die strangely.
rick@linuxmafia.com


-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

[prev in list] [next in list] [prev in thread] [next in thread]