REPOST: Re: Addendum to Rpcbind Advisory

Wietse Venema (wietse@WZV.WIN.TUE.NL)
Thu, 31 Jul 1997 09:07:08 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Aleph One: "HP Security Bulletins Digest"
Previous message: Adam Shostack: "Re: Shared Secret Recovery in RADIUS"
Maybe in reply to: Alfred Huger: "Re: Addendum to Rpcbind Advisory"

[In case you wonder what the heck Mr. Huger was responding to, it
seems that my announcement was lost after being forwarded to the
bugtraq moderator, so I am reposting it]

I have updated my rpcbind source so that it rejects requests from
remote clients to UDP or TCP ports other than 111. It is ready for
downloading, see ftp://ftp.win.tue.nl/pub/security/index.html.

In the future, I'd appreciate it if SNI would contact me, the
author, before announcing a possible loophole in my source code.
Oh, and my first name is Wietse, not Wieste.

Wietse

Next message: Aleph One: "HP Security Bulletins Digest"
Previous message: Adam Shostack: "Re: Shared Secret Recovery in RADIUS"
Maybe in reply to: Alfred Huger: "Re: Addendum to Rpcbind Advisory"