Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: NIS --> Category: infos

bootparamd service Vulnerability Scan

Vulnerability Scan Summary
Checks the presence of a RPC service

Detailed Explanation for this Vulnerability Test

The bootparamd RPC service is running.
It is used by diskless clients to get
the necessary information needed to
boot properly.

If a possible hacker uses the BOOTPARAMPROC_WHOAMI
and provides the correct address of the client,
then he will get its NIS domain back from
the server. Once the attacker discovers the NIS domain
name, it may easily get your NIS password

Solution : filter incoming traffic to prevent connections
to the portmapper and to the bootparam daemon,
or deactivate this service if you do not use it.

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.