OS: Linux x86 mountd Buffer Overflow (1)
This signature detects attempts to exploit the mountd logging code in NFS servers running on LINUX. All versions of Red Hat LINUX are susceptible. Mountd, which can be installed and enabled by default, logs requests to use the distributed file system and keeps tracks of unauthorized mount attempts. Attackers can create a buffer overflow to gain root access.
Extended Description
NFS servers running certain implementations of mountd, primarily Linux systems. On some systems, the vulnerable NFS server is enabled by default. This vulnerability can be exploited even if the NFS server does not share any file systems. This vulnerability is specifically a buffer overflow in the mount daemons logging code which is supposed to log unauthorized mount attempts.
Affected Products
Red_hat linux
Short Name
OS:LINUXX86:MOUNTD-OF-1
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
OS
Keywords
(1) Buffer CA-1998-12 CVE-1999-0002 Linux Overflow bid:121 mountd x86
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/635
False Positive
Unknown
Vendors
Red_hat
Caldera
CVSS Score
10.0