Signature Detail

NFS: nfs-utils TCP Connection Termination Denial of Service

This signature detects attempts to exploit a known vulnerability against statd daemon of the nfs-utils package. A successful attack can result in a denial-of-service condition.

Extended Description

statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.

Affected Products

• debian debian_linux 3.0
• debian debian_linux 3.0 (:alpha)
• debian debian_linux 3.0 (:arm)
• debian debian_linux 3.0 (:hppa)
• debian debian_linux 3.0 (:ia-32)
• debian debian_linux 3.0 (:ia-64)
• debian debian_linux 3.0 (:m68k)
• debian debian_linux 3.0 (:mips)
• debian debian_linux 3.0 (:mipsel)
• debian debian_linux 3.0 (:ppc)
• debian debian_linux 3.0 (:s-390)
• debian debian_linux 3.0 (:sparc)
• mandrakesoft mandrake_linux 10.0
• mandrakesoft mandrake_linux 10.0 (:amd64)
• mandrakesoft mandrake_linux 10.1
• mandrakesoft mandrake_linux 10.1 (:x86_64)
• mandrakesoft mandrake_linux 9.2
• mandrakesoft mandrake_linux 9.2 (:amd64)
• mandrakesoft mandrake_linux_corporate_server 2.1
• mandrakesoft mandrake_linux_corporate_server 2.1 (:x86_64)
• nfs nfs-utils 1.0.6
• redhat enterprise_linux 3.0
• redhat enterprise_linux 3.0 (:advanced_server)
• redhat enterprise_linux 3.0 (:enterprise_server)
• redhat enterprise_linux 3.0 (:workstation_server)
• redhat enterprise_linux_desktop 3.0

References

• BugTraq: 11785
• CVE: CVE-2004-1014