|
Security Incidents
mailing list archives
Re: rpc.statd
From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Mon, 1 Oct 2001 12:30:07 -0400 (EDT)
On Mon, 1 Oct 2001 niko () digitalenigma com wrote:
Anyone know which exploit the following signature is associated with?
Sep 30 05:35:10 rpc.statd[470]: gethostbyname error for
^X^?^X^?^Y^?^Y^?^Z^?^Z^?^[^?^[^?%8x%8x%8x%8x%8x%8x%8x%8x%8x%236x
%n%137x%n%10x%n%192x%n\220\220\220\220\220\220\220\220\220\220\220\220\220\220\2
[snip]
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=rpc.statd
looks like CVE-2000-0666 (the evil CVE entry for the year? hahaha)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0666
get familiar with the CVE, its a great resource.
____________________________
jose nazario jose () cwru edu
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
 By Date 
By Thread
Current thread:
- rpc.statd niko (Oct 01)
- Re: rpc.statd Jose Nazario (Oct 01)
| 
Intro
