Date: Thu, 23 Aug 2001 03:50:08 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Mark Newton <newton@atdot.dotat.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Attempts to overflow rpc.statd Message-ID: <20010823035008.A96330@xor.obsecurity.org> In-Reply-To: <20010823195855.A77982@atdot.dotat.org>; from newton@atdot.dotat.org on Thu, Aug 23, 2001 at 07:58:55PM %2B0930 References: <20010823195855.A77982@atdot.dotat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--y0ulUmNC+osPPQO6 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Aug 23, 2001 at 07:58:55PM +0930, Mark Newton wrote: > I've been seeing these in syslog for the last week or so. Has anyone > else run across them? >=20 > It looks like a buffer overflow attempt on rpc.statd, but since there > aren't any FreeBSD advisories about it I'm guessing that the script > kiddies are hitting on it at random without necessarily knowing about > what kind of architecture or OS they're trying to attack. >=20 > Does it look familiar to anyone else? Yes, it's an old Linux vulnerability. Kris --y0ulUmNC+osPPQO6 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7hN/fWry0BWjoQKURAkgZAJ9M3x8qMFDiUNuPvT+4QMX/zmF3ngCgv8lx 4mr7w2tAUn4uhJfZaCYzkW0= =lPH+ -----END PGP SIGNATURE----- --y0ulUmNC+osPPQO6-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010823035008.A96330>