<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Honeypots: Re: statd exploit ???

Re: statd exploit ???

From: Jamie <aouf77_at_dsl.pipex.com>
Date: Wed, 30 Oct 2002 23:32:32 +0000

On Wednesday 30 October 2002 22:29, Sriram Newsgroups wrote:
> My honeypt recorded this packet. It looks to be a statd exploit (port
> 32768). I can't narrow it down to what exactly this exploit does or its
> nature.
>
> Here is the sample packet
>
> [snipped]
>

I think it's the statdx2 exploit - which as your packet dump shows is trying
to exploit a format string vulnerability in statd. This exploit is over two
years old now.... doesn't time fly !

-jamie.
Received on Oct 31 2002

This message: [ Message body ]
Next message: Chris Reining: "Re: statd exploit ???"
Previous message: Sriram Newsgroups: "statd exploit ???"
In reply to: Sriram Newsgroups: "statd exploit ???"
Next in thread: Chris Reining: "Re: statd exploit ???"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos