Vulnerabilities found in my Fedora Core 2
Thomas Arendsen Hein
thomas at intevation.de
Fri Dec 3 01:47:14 EST 2004
* Edilmar Alves - Lista <edilista at fes.br> [20041203 00:58]:
> The last question: excuse me but I don't know what is omad or statd
> service. Can anyone explain the needed of it? Thanks...
>
> Vulnerability found on port omad (32768/udp)
> The remote statd service may be vulnerable to a format string attack.
> This means that an attacker may execute arbitrary code thanks to a bug
> in this daemon.
> Only older versions of statd under Linux are affected by this problem.
I get something like:
"Vulnerability found on port unknown (32768/udp)"
So nessus uses /etc/services (or the nmap services file?) to look up
the port name, which is "omad" on your computer.
While looking closer at it, nessus found out, that the service
running on this port is "statd". statd (and some other services)
don't have a fixed port number, but get one assigned via the portmap
daemon.
So forget the word "omad", because it doesn't run here.
Thomas
--
Email: thomas at intevation.de
http://intevation.de/~thomas/
More information about the Nessus
mailing list