RPC bootparamd Service Information Disclosure

Medium Nessus Plugin ID 10031


The RPC service running on the remote host has an information disclosure vulnerability.


The bootparamd RPC service is running. It is used by diskless clients to get the necessary information needed to boot properly.

If an attacker uses the BOOTPARAMPROC_WHOAMI and provides the correct address of the client, then he will get its NIS domain back from the server. Once the attacker discovers the NIS domain name, he may easily get your NIS password file.


Filter incoming traffic to prevent connections to the portmapper and to the bootparam daemon, or deactivate this service if you do not use it.

Plugin Details

Severity: Medium

ID: 10031

File Name: bootparamd.nasl

Version: $Revision: 1.29 $

Type: remote

Family: RPC

Published: 1999/08/30

Modified: 2014/02/19

Dependencies: 10223

Risk Information

Risk Factor: Medium


Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Required KB Items: rpc/portmap

Vulnerability Publication Date: 1991/01/01