Signature Detail
Short Name |
OS:LINUXX86:MOUNTD-OF-2 |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
OS |
Keywords |
Linux x86 Mountd Buffer Overflow (2) |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
OS: Linux x86 Mountd Buffer Overflow (2)
This signature detects attempts to exploit a known vulnerability against mountd logging code in NFS servers running on LINUX. All versions of Red Hat LINUX are susceptible. Mountd, which can be installed and enabled by default, logs requests to use the distributed file system and keeps tracks of unauthorized mount attempts. Attackers can create a buffer overflow to gain root access.
Extended Description
NFS servers running certain implementations of mountd, primarily Linux systems. On some systems, the vulnerable NFS server is enabled by default. This vulnerability can be exploited even if the NFS server does not share any file systems. This vulnerability is specifically a buffer overflow in the mount daemons logging code which is supposed to log unauthorized mount attempts.
Affected Products
- Caldera OpenLinux Standard 1.2.0
- Red Hat Linux 2.0.0
- Red Hat Linux 2.1.0
- Red Hat Linux 3.0.3
- Red Hat Linux 4.0.0
- Red Hat Linux 4.1.0
- Red Hat Linux 4.2.0
- Red Hat Linux 5.0.0
- Red Hat Linux 5.1.0
References
- BugTraq: 121
- CERT: CA-1998-12
- CVE: CVE-1999-0002
- URL: http://www.securityfocus.com/advisories/336