[SunHELP] mountd security vulnerablility
Dale Ghent
sunhelp at sunhelp.org
Thu Apr 19 08:55:17 CDT 2001
On Thu, 19 Apr 2001 j_li at yeah.net wrote:
| Hi all,
|
| I found the following vulnerability by using ISS scan tool on my
| Solaris 7 box: ------------------ Vulnerability Name Severity NFS
| mount daemon operating on an unreserved port Medium
|
| Description: The mountd daemon is running over a non-reserved port.
| This daemon is probably vulnerable to port hijacking and should be
| moved to a reserved port. ------------------
|
| Could anybody point me on how to fix it ?
If you arent using NFS, then disable it.
If you need to keep it running, install patch 107477-03. This patch is
included in the Solaris 7 Recommended Patch Cluster, which is available at
ftp://sunsolve.sun.com/pub/patches/
/dale
More information about the SunHELP
mailing list