Re: rpc.cmsd?
Rafi Sadowsky (rafi@tavor.openu.ac.il)
Tue, 19 Jul 1994 13:54:48 +0300 (IDT)
oops - forgot the cc's - so here goes
-
Subject: Re: rpc.cmsd?
To: perry@imsi.com
Date: Tue, 19 Jul 1994 12:19:01 +0300 (IDT)
From: rafi
Perry E. Metzger wrote:
>
>
> jsz says:
> > >
> > > >> I've heard there is some method of exploiting rpc.cmsd -- anyone
> > > >> have any information on this?
> > >
> > > jsz> Perhaps
> > >
> > > What does that mean???
> >
> > It means that it's quite likely that rpc.cmsd is vulnerable, and there is a
> > good chance to locate a security problem in it, which may allow you gain
> > access to a system from remote, another root-from-remote, if you want.
>
> If you know a hole, the purpose of Bugtraq is to describe it so that
> we can all make ourselves safe. If you don't know of one, please don't
> make us paranoid unnecessarily. If you know of one and won't tell us
> what it is, then you are not helping anyone and you are not following
> the charter of this list.
>
> Perry
>
[ I apoligise if this is a case of mistaken identity - but I think not ]
given that jsz is a ( hopefully :-) reformed ex-cracker ( better known as "yo" )
I'm somewhat suspicious of his motives ...
(of course I'm a reformed ex-cracker myself - but thats another story... :-)
of course if you're worried about remote users cracking your rpc.cmsd
you should at least use tcp_wrappers to protect it from offsite users
(combined with an approriate router setup - to prevent forged IP source address
of course ...)
well Yonatan(you are jsz aren't you ?) - is that enough provocation
to get some more details from you ?
Rafi
--
+-------------------------------+---------------------------------------+
| Rafi Sadowsky | rafi@tavor.openu.ac.il |
| Comp.Sci. dept |-[also postmaster@openu.ac.il]---------+
| Open University of Israel | Voice: +972-3-6460592 |
| Tel-Aviv, Israel | Fax: +972-3-6460483 |
+-------------------------------+---------------------------------------+