[SunHELP] mountd security vulnerablility
Li John-a16118
sunhelp at sunhelp.org
Mon Apr 23 04:03:43 CDT 2001
Dale,
After I installed the patch(107477-03) and restart the system, ISS still found the same vulnerability. Could you advise me on this ?
Best Regards.
John
-----Original Message-----
From: Dale Ghent [mailto:daleg at elemental.org]
Sent: Thursday, April 19, 2001 9:55 PM
To: sunhelp at sunhelp.org
Subject: Re: [SunHELP] mountd security vulnerablility
On Thu, 19 Apr 2001 j_li at yeah.net wrote:
| Hi all,
|
| I found the following vulnerability by using ISS scan tool on my
| Solaris 7 box: ------------------ Vulnerability Name Severity NFS
| mount daemon operating on an unreserved port Medium
|
| Description: The mountd daemon is running over a non-reserved port.
| This daemon is probably vulnerable to port hijacking and should be
| moved to a reserved port. ------------------
|
| Could anybody point me on how to fix it ?
If you arent using NFS, then disable it.
If you need to keep it running, install patch 107477-03. This patch is
included in the Solaris 7 Recommended Patch Cluster, which is available at
ftp://sunsolve.sun.com/pub/patches/
/dale
_______________________________________________
SunHELP maillist - SunHELP at sunhelp.org
http://www.sunhelp.org/mailman/listinfo/sunhelp
More information about the SunHELP
mailing list