[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Solaris 10 Port Stealing Vulnerability

To: "Chris O'Regan" <chris@xxxxxxxxxxxxxxxxx>
Subject: Re: Solaris 10 Port Stealing Vulnerability
From: Casper.Dik@xxxxxxxxxx
Date: Thu, 31 Mar 2011 17:18:38 +0200

>Imagine if you find a Solaris system running a web server that has a
>remote exploit which allows for the execution of arbitrary code. If the
>web server happens to be listening on the wildcard interface than you
>can very easily insert your own web server in front of it!


There SO_EXCLBIND setsockopt in Solaris which protects hijacking the port.

Casper

References:
- RE: Solaris 10 Port Stealing Vulnerability
  - From: Chris O'Regan

Prev by Date: [USN-1100-1] OpenLDAP vulnerabilities
Next by Date: BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload
Previous by thread: RE: Solaris 10 Port Stealing Vulnerability
Next by thread: Re: Re: HTB22905: Path disclosure in Wordpress
Index(es):
- Date
- Thread