This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
Updated nfs-utils packages that fix a flaw leading to possible
rpc.mountd crashes are now available.
The nfs-utils package contains the rpc.mountd program, which
implements the NFS mount protocol.
A flaw was discovered in versions of rpc.mountd in nfs-utils versions
after 1.0.3 and prior to 1.0.6. When mounting a directory, rpc.mountd
could crash if the reverse lookup of the client in DNS failed to match
the forward lookup. An attacker who has the ability to mount remote
directories from a server could make use of this flaw to cause a
denial of service by making rpc.mountd crash.
Users are advised to upgrade to these updated packages, which contain
nfs-utils 1.0.6 and is not vulnerable to this issue.
NOTE: Red Hat Enterprise Linux 2.1 includes a version of rpc.mountd
that is not vulnerable to this issue.
See also :
Update the affected nfs-utils package.
Risk factor :
Medium / CVSS Base Score : 5.0
Family: Red Hat Local Security Checks
Nessus Plugin ID: 12470 ()
CVE ID: CVE-2004-0154
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.