Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Red Hat Local Security Checks --> Category: infos

RHSA-2004-072: nfs Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the nfs packages

Detailed Explanation for this Vulnerability Test

Updated nfs-utils packages that fix a flaw leading to possible rpc.mountd
crashes are now available.

The nfs-utils package contains the rpc.mountd program, which implements the
NFS mount protocol.

A flaw was discovered in versions of rpc.mountd in nfs-utils versions after
1.0.3 and prior to 1.0.6. When mounting a directory, rpc.mountd could
crash if the reverse lookup of the client in DNS failed to match the
forward lookup. A possible hacker who has the ability to mount remote
directories from a server could make use of this flaw to cause a denial of
service by making rpc.mountd crash.

Users are advised to upgrade to these updated packages, which contain
nfs-utils 1.0.6 and is not vulnerable to this issue.

NOTE: Red Hat Enterprise Linux 2.1 includes a version of rpc.mountd that is
not vulnerable to this issue.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.