On Mon, 8 Oct 2001, Matt wrote:
From: Matt
To: suse-security@suse.de Date: Mon, 08 Oct 2001 14:42:22 +0100 Subject: [suse-security] Impact on Linux and SuSE ? Hi,
Would this impact SuSE 7.2 and is there a fix for SuSE ?
SuSE does not contain the daemon (rpc.ttdbserverd or similar) in question and is therefore not vulnerable. I don't know of any Linux distribution that ships this kind of software. People see an increased amount of portscans to port 111 now, which are signs of the vulnerability being actively exploited. The exploit must contact the rpc-portmapper at port 111 to ask for the port of the ttdb server.
This document is available from: http://www.cert.org/advisories/CA-2001-27.html
I'll have to investigate this a bit further to make sure we don't have
something that is called differently but might be the same or even use the
same codebase. If you don't hear anything very soon, then forget it again!
Thanks,
Roman.
--
- -
| Roman Drahtmüller