Re: Is there a known rpc.statd buffer overflow?
Quoting Kevin B. McCarty (kmccarty@Princeton.EDU):
> I received the following (see below) in an email from logcheck on my
> home desktop running Sarge. Looks like an attempt to cause a buffer
> overflow in rpc.statd. System logs don't include anything else that
> looks suspicious.
That would probably be Ramen, a January 2001 worm that attacks an
rpc.statd bug fixed in summer 2000, plus attacking input validation
bugs in wu-ftpd v. 2.6 and earlier and LPRng versions earlier than Aug.
2000.
--
Cheers,
Rick Moen Support your local medical examiner: Die strangely.
rick@linuxmafia.com
Reply to: