Hello,
the same can be said with nfs and coda/samba (windows filesharing)they are
both easily exploitable codes simply by the way they operate. Basicaly in a
nutshell the code assume to much which makes it easily exploitable.
Ed
-----Original Message-----
From: Jacob Meuser [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 24, 2001 4:34 AM
To: [EMAIL PROTECTED]
Subject: Re: strange log entry
On Thu, May 24, 2001 at 01:24:50AM -0400, Ed Street wrote:
> Hello,
>
> Well first off WHY are you running the rpc stuff? (i.e. I can root a
redhat
> 6.x box in under 30 seconds with a rpc exploit from a clean install) Turn
> that stuff OFF.
>
Not to start a thread discussing OSes, but ...
OpenBSD ships with rstatd and ruserd enabled by default and according to
http://www.openbsd.org/
"Four years without a remote hole in the default install!"
Which begs the question, especially since the *BSD's release their
sources under BSD style liscenses, why does rpc remain a security problem
in Linux? Is it the kernel? Is it the rpc code?
Simply curious,
<[EMAIL PROTECTED]>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
