Hello, the same can be said with nfs and coda/samba (windows filesharing)they are both easily exploitable codes simply by the way they operate. Basicaly in a nutshell the code assume to much which makes it easily exploitable.
Ed -----Original Message----- From: Jacob Meuser [mailto:[EMAIL PROTECTED] Sent: Thursday, May 24, 2001 4:34 AM To: debian-security@lists.debian.org Subject: Re: strange log entry On Thu, May 24, 2001 at 01:24:50AM -0400, Ed Street wrote: > Hello, > > Well first off WHY are you running the rpc stuff? (i.e. I can root a redhat > 6.x box in under 30 seconds with a rpc exploit from a clean install) Turn > that stuff OFF. > Not to start a thread discussing OSes, but ... OpenBSD ships with rstatd and ruserd enabled by default and according to http://www.openbsd.org/ "Four years without a remote hole in the default install!" Which begs the question, especially since the *BSD's release their sources under BSD style liscenses, why does rpc remain a security problem in Linux? Is it the kernel? Is it the rpc code? Simply curious, <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
