|
SGI IRIX update for rpc.mountd
|
|
Secunia Advisory:
|
SA10278
|
|
|
Release Date:
|
2003-11-24
|
|
Last Update:
|
2003-12-09
|
|
Popularity:
|
8,433 views
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Security Bypass
Exposure of system information
DoS
|
|
Where:
|
From local network
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | SGI IRIX 6.5.x
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 1 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Description:
SGI has issued an update for rpc.mountd. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a Denial of Service or gain knowledge of certain system information.
1) The rpc.mountd service returns various replies depending on whether a requested file exists or not. This can be exploited to enumerate files present on the system by attempting to mount them and looking at the returned error messages.
2) The rpc.mountd service may accept connections from unprivileged ports when configured with the "-n" option.
3) An unspecified vulnerability can be exploited to cause a Denial of Service.
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
