RPC bootparamd Service Information Disclosure (Deprecated)
Medium Nessus Plugin ID 10031
SynopsisThis plugin has been deprecated.
DescriptionThe bootparamd RPC service is running. It is used by diskless clients to get the necessary information needed to boot properly.
If an attacker uses the BOOTPARAMPROC_WHOAMI and provides the correct address of the client, then he will get its NIS domain back from the server. Once the attacker discovers the NIS domain name, he may easily get your NIS password file.