RPC rpcbind Non-standard Port Assignment Filter Bypass

This script is Copyright (C) 2007-2011 Tenable Network Security, Inc.


Synopsis :

An ONC RPC portmapper is running on the remote host.

Description :

The RPC portmapper is running on this port.

The portmapper allows someone to get the port number of each RPC
service running on the remote host by sending either multiple lookup
requests or a DUMP request.

This service should only run on port 111. However, on some operating
systems it also listens on different UDP ports. This might allow an
attacker to circumvent firewall rules.

Solution :

Disable this service if RPC is not used, or update your firewall rules
if needed.
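
One way to check a Linux host for the condition described above (an added example, not part of the Nessus plugin): it reads `ss -H -lunp` style output and lists UDP sockets owned by rpcbind or portmap that are bound to a port other than 111. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag rpcbind/portmap UDP listeners on ports other than 111.

# Constructed sample in the layout of `ss -H -lunp` output (not from a real host).
sample_ss_output() {
cat <<'EOF'
UNCONN 0 0 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=612,fd=5))
UNCONN 0 0 0.0.0.0:32771 0.0.0.0:* users:(("rpcbind",pid=612,fd=7))
UNCONN 0 0 [::]:111 [::]:* users:(("rpcbind",pid=612,fd=8))
UNCONN 0 0 0.0.0.0:68 0.0.0.0:* users:(("dhclient",pid=500,fd=6))
EOF
}

# Reads ss-style lines on stdin and prints the local address:port of every
# socket whose owning process is rpcbind or portmap and whose port is not 111.
find_stray_rpcbind_ports() {
  awk '
    /\("(rpcbind|portmap)"/ {
      # The local address is the first field ending in ":<digits>";
      # the peer column of a listening UDP socket ends in ":*".
      for (i = 1; i <= NF; i++) {
        if ($i ~ /:[0-9]+$/) {
          port = $i
          sub(/^.*:/, "", port)      # keep only the port (also handles [::]:111)
          if (port != "111") print $i
          break
        }
      }
    }'
}

# Demo on the constructed sample. On a live Linux host, run as root so that
# ss can show process names:
#   ss -H -lunp | find_stray_rpcbind_ports
sample_ss_output | find_stray_rpcbind_ports
```

Every address it prints needs the same firewall treatment as UDP port 111, unless the service is disabled.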

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N)
CVSS Temporal Score : 3.0
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: RPC

Nessus Plugin ID: 20759

Bugtraq ID: 205

CVE ID: CVE-1999-0632
CVE-1999-0189