FreeBSD nfsd NFS Mount request denial of service
| freebsd-nfsd-kernel-dos (24918) |  High Risk |
Description:
FreeBSD is vulnerable to a denial of service attack. A remote attacker could send a specially-crafted NFS Mount request to TCP port 2049 to cause a kernel panic, resulting in a denial of service.
Note: This vulnerability was discovered using the ProtoVer NFS testsuite 1.0.
Platforms Affected:
- FreeBSD, FreeBSD 6.0
Remedy:
Upgrade to the latest patch for FreeBSD, available from the FreeBSD Web site. See References.
Consequences:
Denial of Service
References:
- Dailydave Mailing List, Sun Feb 26 11:10:42 EST 2006, fun with FreeBSD kernel at http://lists.immunitysec.com/pipermail/dailydave/2006-February/002982.html.
- FreeBSD Web site, CERT/patches/SA-06:10 at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-06:10.
- GLEG Ltd. Web site, ProtoVer Professional testsuite at http://www.gleg.net/protover_pro.shtml.
- BID-16838: FreeBSD Remote NFS RPC Request Denial of Service Vulnerability
- CVE-2006-0900: nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial of service via a crafted NFS mount request, as demonstrated by the ProtoVer NFS test suite.
- OSVDB ID: 23511: FreeBSD nfsd Malformed NFS Mount Request Remote DoS
- SA19017: FreeBSD "nfsd" NFS Mount Request Denial of Service
Reported:
Feb 26, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net