Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 PORTMAPPER:INFO:CALLIT-PROC

Severity

 Info

Recommended

 No

Category

 PORTMAPPER

Keywords

 callit portmapper rpc

Release Date

 2004/02/19

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

PORTMAPPER: Call It Proc


This protocol anomaly triggers when the portmapper RPC service CALLIT procedure is detected. This procedure is an alternate way of invoking a remote procedure call to a service without directly communicating with the service. The Callit procedure can be dangerous, for example, when a client calls another service through Callit, the portmapper host server considers the remote request like a local one. This may not be a problem if the Callit procedure is properly configured. However, on poorly configured system, an attacker might be able to use it to access control checks, find servers offering vulnerable RPC services, and register or un-register services,

Extended Description

Successful exploitation of the vulnerability could allow a remote attacker to gain access to a server without authentication. An attacker could then further penetrate the system.

References

  • CVE: CVE-1999-0168

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out