Re: New Linux worm crawls the web

To: Realos <realos@loftmail.com>
Cc: debian-user@lists.debian.org
Subject: Re: New Linux worm crawls the web
From: Chris Boot <bootc@bootc.net>
Date: Tue, 08 Nov 2005 19:41:00 +0000
Message-id: <[🔎] 4370FF4C.80903@bootc.net>
In-reply-to: <[🔎] 20051108185151.GA6658@isw302>
References: <[🔎] 4370EEFE.5070504@sbcglobal.net> <[🔎] 20051108185151.GA6658@isw302>

Realos wrote:

Mike McCarty wanted us to know:

http://www.securityfocus.com/brief/38?ref=rss



I have rpc.statd and portmap running on my system. Are they vulnerable
to this security hole/worm?

As I do not use nfs on my debian server, doesn't it make sense to
disable both portmap and rpc.statd on my system?

This has nothing to do with portmap or rpc.statd, they use the oldfashioned SysV RPC mechanism. XML-RPC is a very different beast andrelies on a web server and, in this case, PHP, to do the remoteprocedure call.


More info at:
http://www.securityfocus.com/bid/14088/ (linked from the above article)

HTH,
Chris

--
Chris Boot
bootc@bootc.net
http://www.bootc.net/

Reply to:

References:
- New Linux worm crawls the web
  - From: Mike McCarty <mike.mccarty@sbcglobal.net>
- Re: New Linux worm crawls the web
  - From: Realos <realos@loftmail.com>

Prev by Date: Re: New Linux worm crawls the web
Next by Date: Re: New Linux worm crawls the web
Previous by thread: Re: New Linux worm crawls the web
Next by thread: Re: New Linux worm crawls the web
Index(es):
- Date
- Thread