[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

NFS/mountd minor bug

From: Alan Cox <alan cymru net>
To: bugtraq crimelab com, linux-security redhat com
Subject: NFS/mountd minor bug
Date: Thu, 5 Dec 1996 10:05:36 GMT

This is only a small one and not that serious because remote lusers shouldnt
have access to your portmappers at all. However if they do then rpc.mountd
gives out more info than is ideal.

Viz

mount testbox:/usr/lib /mnt
mount testbox:/usr/lib failed, reason given by server: Permission denied
mount testbox:/usr/libs /mnt
mount: testbox:/usr/libs failed, reason given by server: No such file or directory

ie you can use it to test what is installed on a box.

Alan

[mod: The bad news is that you don't really need access to the
portmapper to find the mountd: a port scan between 500 and 1000 will
most likely turn up just a few ports that you can connect to, and
trying to send a mount request to those ports will quickly tell you
where the mountd lives.... -- REW]

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]