[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Is there a known rpc.statd buffer overflow?



Quoting Kevin B. McCarty (kmccarty@Princeton.EDU):

> I received the following (see below) in an email from logcheck on my
> home desktop running Sarge.  Looks like an attempt to cause a buffer
> overflow in rpc.statd.  System logs don't include anything else that
> looks suspicious.

That would probably be Ramen, a January 2001 worm that attacks an
rpc.statd bug fixed in summer 2000, plus attacking input validation 
bugs in wu-ftpd v. 2.6 and earlier and LPRng versions earlier than Aug.
2000.

-- 
Cheers,             
Rick Moen                 Support your local medical examiner:  Die strangely.
rick@linuxmafia.com



Reply to: