[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
rpc.statd error
By the way, thanks to everyone who offered help, after I upgraded, the problem disappeared, but I think your correct that someone was trying to overflow through there.... well documented security flaw apparently (at least through rh 6.2).
Phil
*********** REPLY SEPARATOR ***********
On 4/28/01 at 11:24 PM James R. Van Zandt wrote:
>Phil Buckley <phil at 1918.com> writes:
>
>>Anyone have an idea why I might be getting this error (from log
>>file)? Also, does anyone have a suggestion for checking to see if
>>statd is functioning properly?
>>
>>TIA,
>>Phil
>>
>>Apr 21 11:00:48 galloproductions rpc.statd[342]: gethostbyname error
>for ^X�)B???^X???^Z???^Z???%...
>
>This looks like a buffer overflow exploit. I got hit with one a
>couple of weeks ago.
>
>See http://www.sans.org/y2k/adore.htm for more information, or visit
>Google and search for "rpc.statd buffer overflow".
>
> - Jim Van Zandt
>
>
>-
>Subcription/unsubscription/info requests: send e-mail with
>"subscribe", "unsubscribe", or "info" on the first line of the
>message body to discuss-request at blu.org (Subject line is ignored).
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).
 |
|
BLU is a member of BostonUserGroups |
|
We also thank MIT for the use of their facilities. |
Boston Linux & Unix / webmaster@blu.org
