[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Solaris 10 Port Stealing Vulnerability

>Imagine if you find a Solaris system running a web server that has a
>remote exploit which allows for the execution of arbitrary code. If the
>web server happens to be listening on the wildcard interface than you
>can very easily insert your own web server in front of it!

There SO_EXCLBIND setsockopt in Solaris which protects hijacking the port.