Re: Is there a known rpc.statd buffer overflow?

To: "Kevin B. McCarty" <kmccarty@Princeton.EDU>
Cc: debian-security@lists.debian.org
Subject: Re: Is there a known rpc.statd buffer overflow?
From: Noah Meyerhans <noahm@debian.org>
Date: Wed, 9 Nov 2005 10:52:49 -0500
Message-id: <[🔎] 20051109155249.GC21833@morgul.net>
Mail-followup-to: Noah Meyerhans <noahm@debian.org>, "Kevin B. McCarty" <kmccarty@Princeton.EDU>, debian-security@lists.debian.org
In-reply-to: <[🔎] 437215B5.6080500@princeton.edu>
References: <[🔎] 437215B5.6080500@princeton.edu>

On Wed, Nov 09, 2005 at 10:28:53AM -0500, Kevin B. McCarty wrote:
> I received the following (see below) in an email from logcheck on my
> home desktop running Sarge.  Looks like an attempt to cause a buffer
> overflow in rpc.statd.  System logs don't include anything else that
> looks suspicious.

That's a *really* ancient bug.  It was fixed long before woody (yes,
woody) was released.

It is pretty amazing that such ancient worms are still in the wild...
I'm almost surprised that we aren't still seeing occasional signs of the
Morris Worm trying to propagate.  ;)

noah

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- Is there a known rpc.statd buffer overflow?
  - From: "Kevin B. McCarty" <kmccarty@Princeton.EDU>

Prev by Date: Is there a known rpc.statd buffer overflow?
Next by Date: Re: Is there a known rpc.statd buffer overflow?
Previous by thread: Is there a known rpc.statd buffer overflow?
Next by thread: Re: Is there a known rpc.statd buffer overflow?
Index(es):
- Date
- Thread