According to Bill Kocik: While burning my CPU.
>
> He was able to get in by exploiting a hole in my NFS server.
> I installed this server from the rpm that shipped with Red Hat
> 5.1, and rpc.mountd that is in that is vulnerable to buffer
> overflows. He was able to get rpc.mountd to execute commands
> as root for him. He could have done anything he wanted, but I
> was lucky. They guy was a true hacker, not a cracker, and as
> such all he did (to my knowledge) was find the hole, prove to
> me that he'd found it, and then told me what it was so that I
> could fix it.
What entries do you have in /etc/exports ???
ones with "rw" ??
>
> ---
> Bill Kocik
> Information Systems
> Medar, Inc.
> E-mail: [EMAIL PROTECTED]
> Web: http://www.medar.com
>
--
Regards Richard.
[EMAIL PROTECTED]
