Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

honeypots logo Honeypots mailing list archives

Re: statd exploit ???
From: Jamie <aouf77 () dsl pipex com>
Date: Wed, 30 Oct 2002 23:32:32 +0000
On Wednesday 30 October 2002 22:29, Sriram Newsgroups wrote:

My honeypt recorded this  packet. It looks to be a statd exploit (port
32768). I can't narrow it down to what exactly this exploit does or its
nature.

Here is the sample packet

[snipped]



I think it's the statdx2 exploit - which as your packet dump shows is trying 
to exploit a format string vulnerability in statd. This exploit is over two 
years old now.... doesn't time fly !

-jamie.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]