rpc.statd odd log entry... invalid hostname?
Dan Nelson
dnelson at allantgroup.com
Thu May 8 09:20:28 PDT 2003
In the last episode (May 08), Dave [Hawk-Systems] said:
> noticed the following during a log audit... anything to worry about?
>
> May 7 00:20:29 isp2 rpc.statd: invalid hostname to sm_stat:
> ^X÷ÿ¿^X÷ÿ¿^Y÷ÿ¿^Y÷ÿ¿^Z÷ÿ¿^Z÷ÿ¿^[÷ÿ¿^[÷ÿ¿%8x%8x%8x%8x%8x%8x%8x%8x%8x%236x%n%137x%
> n%10x%n%192x%nM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-^PM-
Looks like an attempt to exploit
http://www.cert.org/advisories/CA-2000-17.html . FreeBSD was never
vulnerable.
--
Dan Nelson
dnelson at allantgroup.com
More information about the freebsd-questions
mailing list