Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Plugin 20989 FreeBSD nfsd Malformed NFS Mount Request Denial of Service

from [jfvanmeter] Network Security [Permanent Link]
Subject: Plugin 20989 FreeBSD nfsd Malformed NFS Mount Request Denial of Service Vulnerability
Date: Tue, 28 Aug 2007 14:39:54 +0000 
The FreeBSD nfsd Malformed NFS Mount Request Denial of Service Vulnerability 
showed up in a report for a scan of a Dell Power Edge 2950 storage server that 
was pre load from the factory with Windows server 2003 SP1 R2. 

NFS is running on port 2049 and is  NFS from the Windows Services for UNIX 3.0. 
The server didn't crash, and I was wondering if the false positive was created 
by some time out condition waiting for the response back from the server.

If the fasle positive was create by a time out condition is there some way I 
can tweak Nessus to account for this?

Synopsis :

The remote host is affected by a denial of service vulnerability. 


Description :

The NFS server on the remote host appears to be one from FreeBSD that
causes a kernel panic when it receives a malformed NFS mount request
via TCP. An unauthenticated remote attacker can leverage this flaw to
crash the remote host. 


See Also :

http://lists.immunitysec.com/pipermail/dailydave/2006-February/002982.html
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:10.nfs.asc


Solution:

Use a firewall to restrict access to the NFS server or upgrade / patch
the affected system as described in the vendor advisory above. 


Risk Factor : 

Medium / CVSS Base Score : 5 
(AV:R/AC:L/Au:NR/C:N/A:C/I:N/B:A)
BID : 16838
Plugin ID : 20989

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Plugin 20989 FreeBSD nfsd Malformed NFS Mount Request Denial of Service Vulnerability, jfvanmeter <=
Previous by Date:  Re: Nessus Scan against PIX ( Statefull firewalls ), Michel Arboi
Next by Date:  Re: Nessus Scan against PIX ( Statefull firewalls ), Ron Gula
Previous by Thread:  Nessus Scan against PIX ( Statefull firewalls ), hariprasad hariprasad
Next by Thread:  Nessus .Audit files and I2A, Holstein, Robert - BLS CTR
Indexes:  [Date] [Thread] [Top] [All Lists]