Re: tcpwrapped rpcbind/portmap?
From: Brian Parent (bparent@calvin.ucsd.edu)Date: 08/31/01
- Previous message: Darren Moffat: "Re: Secure name service for Solaris (was: RPCSEC_GSS and NIS etc)"
- In reply to: Brian Parent: "Re: tcpwrapped rpcbind/portmap?"
- Next in thread: Warren Belfer: "Re: tcpwrapped rpcbind/portmap?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 31 Aug 2001 13:43:02 -0700 From: Brian Parent <bparent@calvin.ucsd.edu> To: "'focus-sun@securityfocus.com'" <focus-sun@securityfocus.com> Subject: Re: tcpwrapped rpcbind/portmap? Message-ID: <20010831134302.V23684@calvin.ucsd.edu>
I guess I should have researched my previous question a bit further before
asking this group. I've discovered an older thread (March 6, 2000)
on comp.security.unix talking exactly about this rpcbind issue.
Basically, it confirms my suspicions, that Wietse's rpcbind code
very likely includes some security bugs that have since been patched
in Solaris code.
- Previous message: Darren Moffat: "Re: Secure name service for Solaris (was: RPCSEC_GSS and NIS etc)"
- In reply to: Brian Parent: "Re: tcpwrapped rpcbind/portmap?"
- Next in thread: Warren Belfer: "Re: tcpwrapped rpcbind/portmap?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
