RPC bind service on improper port
| rpc-32771 (330) |  Medium Risk |
Description:
Normally, the rpcbind service only listens on port 111. Under Solaris, the rpcbind service also listens under port 32771, which sometimes allows attackers to bypass packet filtering.
Consequences:
Bypass Security
Remedy:
Apply the appropriate patch for your system, as listed in Sun Microsystems, Inc. Security Bulletin #00142. See References.
References:
- BugTraq Mailing List, Tue, 8 Jul 1997 14:43:04 -0600: Addendum to Rpcbind Advisory.
- Network Associates, Inc. COVERT Labs Security Advisory #15, June 4, 1997: Solaris rpcbind weaknesses. (From Packet Storm archive)
- Sun Microsystems, Inc. Security Bulletin #00142: Vulnerability in rpcbind.
- BID-205: Solaris rpcbind Listening on a Non-Standard Port Vulnerability
- CVE-1999-0189: Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111.
Platforms Affected:
- Sun Solaris 1.0
- Sun Solaris 2.3
- Sun Solaris 2.4 x86
- Sun Solaris 2.5 x86
- Sun Solaris 2.5.1
- Sun Solaris 2.5.1 x86
Reported:
Jun 04, 1997
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net