Re: GFI NSS - RPC.ypasswdd service in Windows Server 2003

From: Donnie (queyosepa_at_quetejodas.net)
Date: 10/23/05


Date: Sat, 22 Oct 2005 23:32:54 GMT


"Doug Fox" <dfox138-no-spam@hotmail.com> wrote in message
news:9sCdnTjrrJH1TM7eRVn-iQ@rogers.com...
> I scanned a Windows Server 2003 by a NSS 5.0 with the latest update. It
> reported that it has found two vulnerabilities, RPC.ypasswdd service
> vulnerability and Samba buffer overflow.
>
> According to CERT and Security Focus, they are more *IX based
> vulnerabilities.
>
> What cause NSS identify these two vulnerabilites? How can I resolve this
> issue?
>
> Could someone please shed some light? Any pointers/comments are
appreciated.
>
> Thanks,
>
#################################
RPC ypasswd is certainly unix related and pretty much outdated AFAIK. If
you have a Unix box run
rpcinfo IP_of_your_server. I'm sure that ypasswdd is not running although
RPC is. There are a few things in windows dependent on RPC. Was that on
port 111? That's was the port used in Unix. Are you running Samba? I
would try another scan using nmap or ostrosoft.. Also, is the server behind
a router and does it have an internal IP address?
donnie



Relevant Pages

  • Re: RPC.ypasswdd service in Windows Server 2003?
    ... > reported that it has found two vulnerabilities, ... > vulnerability and Samba buffer overflow. ... did you really have UNIX services on it? ... "Ich bin ein freier Mensch und werde jetzt von meinen Freiheitsrechten ...
    (comp.security.misc)
  • Re: GFI NSS - RPC.ypasswdd service in Windows Server 2003
    ... >> reported that it has found two vulnerabilities, ... >> vulnerability and Samba buffer overflow. ... > RPC ypasswd is certainly unix related and pretty much outdated AFAIK. ...
    (alt.computer.security)
  • RPC.ypasswdd service in Windows Server 2003?
    ... I scanned a Windows Server 2003 by a NSS 5.0 with the latest update. ... reported that it has found two vulnerabilities, ... vulnerability and Samba buffer overflow. ...
    (comp.security.misc)
  • GFI NSS - RPC.ypasswdd service in Windows Server 2003
    ... I scanned a Windows Server 2003 by a NSS 5.0 with the latest update. ... reported that it has found two vulnerabilities, ... vulnerability and Samba buffer overflow. ...
    (alt.computer.security)
  • [NEWS] Buffer Overrun In RPCSS Service Could Allow Code Execution
    ... Remote Procedure Call (RPC) is a protocol used by the Windows operating ... There are three newly identified vulnerabilities in the part of RPCSS ... Service that deals with RPC messages for DCOM activation- ...
    (Securiteam)