Saturday, 2 February 2013

As RPC has been found, and vetes investigates


As RPC has been found, and vetes investigates further, 
below:
checking for cmsd: 192.168.2.3 is cmsd
Patch:
http://sunsolve.sun.com/sunsolve/pubpatches/patches.html
Exploit: tools/cmsd/
a vulnerability in the rpc.cmsd can be used to overflow a buffer
found in
the daemon allowing a local user to gain root privileges.
The rpc.cmsd is a small database manager for appointments and
resource-scheduling data. Its primary client is the Calendar Manager
in OpenWindows, and Calendar in CDE. Buffer overflow vulnerability
has
been discovered which may be exploited to execute arbitrary
instructions and gain root access.
checking for RPC/Statd: statd
Patch: ftp://sgigate.sgi.com/patches/
Exploit: docs/statd
checking for amd:
checking for sadmin: Sadmin
Patch: Comment out this line
100232/10 tli rpc/udp wait root /usr/sbin/sadmind sadmind
in /etc/inetd.conf, block all access to it from external networks
filtering rulesets on your routers or Firewalls, or Install patch
if AdminSuite is installed. AdminSuite may be installed on
SunOS 5.7, 5.6, 5.5.1, 5.5, 5.4 or 5.3.
The patches are available at:
http://sunsolve.sun.com/pub-cgi/show.pl?target=patches/patchlicense&
nav=pub-patches
Exploit: tools/sadmin
Vulnerable systems: Sun Solaris 7.0 Sun Solaris 2.6
checking for rpc.ttdbserverd: ttdbserverd
Patch:
http://ftp.service.digital.com/patches/public/unix/v4.0/
ssrt0583u.README
Exploit: http://www.self-evident.com/exploits/tuv

And finds a number of potential problems, and advice on how to fix, or
exploit, them. The last part of the scan is shown below
checking for rpc.nisd:
checking for selection:
checking for rpc.mountd:
checking for exports:
checking for fam:
checking for automountd:
checking for nfsd:
checking for autofsd:
checking for rusersd: rusersd
Fix: comment this out in /etc/inetd.conf
checking for pcnfsd:
checking for walld: walld
Fix: Comment this out in /etc/inetd.conf
=-=-=-=-=-=-=-=-=V=e=t=e=S=c=a=n=-=-=-=-=-=-=-=-=-=-==
Mail Related Vulnerabilities
=-=-=-=-=-=-=-=-=V=e=t=e=S=c=a=n=-=-=-=-=-=-=-=-=-=-==
checking for Pop3d:
checking for Qpop 2.2:
checking for Qpop2.41beta1:
checking for Sco Qpop:
checking for Qpop UCB:
checking for Qpop 3.0:
checking for Qpop 2.4:
checking for Imadp:
=-=-=-=-=-=-=-=-=V=e=t=e=S=c=a=n=-=-=-=-=-=-=-=-=-=-==
Web Related Vulnerabilities
=-=-=-=-=-=-=-=-=V=e=t=e=S=c=a=n=-=-=-=-=-=-=-=-=-=-==
checking for MySql:
checking for Mini-SQL:
checking for Web Proxy:
Running httpd: .
=-=-=-=-=-=-=-=-=V=e=t=e=S=c=a=n=-=-=-=-=-=-=-=-=-=-==






















at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)