ID PACKETSTORM:15637 Type packetstorm Reporter Packet Storm Modified 1999-09-19T00:00:00
Description
`Subject: Auditing for RPC vulnerabilities? Use BASS
To: BUGTRAQ@SECURITYFOCUS.COM
On Wed, Sep 01, 1999 at 09:44:26PM -0400, Fyodor wrote:
> Further, it can be painful to locate and 'rpcinfo' every host on a
> large network.
BASS includes RPC support, and was designed with bulk in mind (It was
developed for the Internet Auditing Project). It will only take a few
minutes of trivial effort to update the scanner (I might just do it
myself). Besides being a bit out of date, it's well suited for the
task.
RPC support is based on portmapper, however, so you won't fare well
if the network is behind a firewall.
You can grab it at:
http://www.securityfocus.com/data/tools/network/bass-1.0.7.tar.gz
BTW, unless you're running a Linux libc5 (our original development
system), you'll need to apply the bugfix patches posted on Bugtraq a
few weeks ago (Yes, a new version *is* in order).
Fyodor's nmap, especially with RPC support, is really an excellent tool.
However, with nmap:
1) It may take a while to comprehensively scan a very large network.
2) It merely detects the presence of a service, and does not test for
vulnerability (by attempting an overflow and evaluating the
response, or the lack of one).
Cheers,
Liraz
`