Subject: Caldera Security Advisory SA-1998.32: NFS Server Security Problem

Topic: NFS Server Security Problem
Advisory issue date: 28 August 1998

I. Problem Description

   A security problem has been found with the Linux Universal NFS Daemon.
   Anyone with access to the rpc.mountd port of the NFS server machine can
   exploit this problem. It is not necessary that the attacking host is
   listed in /etc/exports.

II. Impact

   Description: Attackers can gain unauthorized privilege.

   Vulnerable Systems: OpenLinux 1.0, 1.1, & 1.2 systems using versions of
   the NFS server up to and including nfs-server-2.2beta29.

III. Solution

   Workaround: None available.

   Correction: The proper solution is to upgrade to the nfs-server-2.2beta35
   packages. They can be found on Caldera's FTP site at:

      ftp://ftp.caldera.com/pub/OpenLinux/updates/1.2/current/RPMS

   The corresponding source code can be found at:

      ftp://ftp.caldera.com/pub/OpenLinux/updates/1.2/current/SRPMS

   The MD5 checksums (from the "md5sum" command) for these packages are:

      10fdb82ed8fd1b88c73fd962d8980bb4  nfs-server-2.2beta35-2.i386.rpm
      6b075faf1d424e099c6932d95e76fd6b  nfs-server-2.2beta35-2.src.rpm
      59e275b1ed6b98a39a38406f0415a226  nfs-server-clients-2.2beta35-2.i386.rpm

   Upgrade with the following commands:

      /etc/rc.d/init.d/nfs stop
      rpm -Uvh nfs-server-2.2beta35-2.i386.rpm
      rpm -Uvh nfs-server-clients-2.2beta35-2.i386.rpm
      /etc/rc.d/init.d/nfs start

IV. References

   This and other Caldera security resources are located at:

      http://www.caldera.com/news/security/index.html

   Additional documentation on this problem can be found in

   This security fix closes Caldera's internal Problem Report 4152.
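The checksum and upgrade steps from section III combined into one gated procedure, as an added example that is not part of Caldera's advisory: the packages are installed only if every file matches its published MD5. The function names (advisory_manifest, verify_packages, upgrade_nfs) and the download-directory argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: verify downloaded packages against the advisory's MD5 list
# before installing them. Function names are hypothetical.

# The three checksum lines exactly as published in the advisory.
advisory_manifest() {
cat <<'EOF'
10fdb82ed8fd1b88c73fd962d8980bb4  nfs-server-2.2beta35-2.i386.rpm
6b075faf1d424e099c6932d95e76fd6b  nfs-server-2.2beta35-2.src.rpm
59e275b1ed6b98a39a38406f0415a226  nfs-server-clients-2.2beta35-2.i386.rpm
EOF
}

# verify_packages DIR  (manifest of "md5  filename" lines on stdin)
# Returns 0 only if every listed file exists in DIR and its MD5 matches.
# A missing file counts as a failure rather than being skipped.
verify_packages() {
    dir=$1
    failures=0
    while read -r want name; do
        [ -n "$want" ] || continue          # ignore blank lines
        if [ ! -f "$dir/$name" ]; then
            echo "MISSING  $name" >&2
            failures=$((failures + 1))
            continue
        fi
        got=$(md5sum < "$dir/$name" | cut -d' ' -f1)
        if [ "$got" = "$want" ]; then
            echo "OK       $name"
        else
            echo "MISMATCH $name (got $got)" >&2
            failures=$((failures + 1))
        fi
    done
    [ "$failures" -eq 0 ]
}

# upgrade_nfs DIR
# Runs the advisory's upgrade commands only after the two binary packages
# verify; the source RPM is not installed, so it is not required here.
upgrade_nfs() {
    advisory_manifest | grep -v '\.src\.rpm$' | verify_packages "$1" ||
        { echo "checksum verification failed, not upgrading" >&2; return 1; }
    /etc/rc.d/init.d/nfs stop
    rpm -Uvh "$1/nfs-server-2.2beta35-2.i386.rpm"
    rpm -Uvh "$1/nfs-server-clients-2.2beta35-2.i386.rpm"
    /etc/rc.d/init.d/nfs start
}
```

Run `upgrade_nfs /path/to/downloads` as root once the packages have been fetched into that directory.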