SGI IRIX rpc.mountd hostname denial of service
irix-rpcmountd-hostname-dos (20911)
Description:
SGI IRIX is vulnerable to a denial of service attack caused by a vulnerability in rpc.mountd. The rpc.mountd program is designed to deny access to anonymous clients whose hostname is not listed within the Domain Name Server (DNS), Network Information Service (NIS) or other hosts. A remote attacker could use this vulnerability to cause a denial of service.
Consequences:
Denial of Service
Remedy:
Apply the appropriate patch for your system, as listed in SGI Security Advisory 20050601-01-P. See References.
References:
- SGI Security Advisory 20050601-01-P: rpc.mountd security issues in IRIX 6.5.25-6.5.27.
- BID-13889: SGI IRIX RPC.MountD Read-Mostly Mount Unspecified File Access Vulnerability
- CVE-2005-0138: rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly allow access to anonymous clients that connect from a system whose hostname can not be determined. NOTE: while this issue occurs in a security mechanism, there is no apparent attacker role and probably does not satisfy the CVE definition of a vulnerability.
- CVE-2005-0139: Unknown vulnerability in rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not sufficiently restrict access rights for read-mostly exports, which allows attackers to conduct unauthorized activities.
- SA15619: SGI IRIX rpc.mountd "read-mostly" Exports Read/Write Access
Platforms Affected:
- SGI IRIX 6.5.25
- SGI IRIX 6.5.26
- SGI IRIX 6.5.27
Reported:
Jun 07, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
