Linux NFS utils package (nfs-utils) mountd xlog Function Off-by-one Remote Overflow

Critical Nessus Plugin ID 11800


The remote service is vulnerable to a buffer overflow.


The remote rpc.mountd daemon is vulnerable to an off-by-one overflow which could be exploited by an attacker to gain a root shell on this host.


Upgrade to the latest version of nfs-utils

See Also

Plugin Details

Severity: Critical

ID: 11800

File Name: nfs_xlog_overflow.nasl

Version: 1.30

Type: remote

Family: RPC

Published: 2003/07/23

Updated: 2018/11/15

Dependencies: 11936, 10223, 10437

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: rpc/portmap

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2003/07/14

Reference Information

CVE: CVE-2003-0252

BID: 8179

RHSA: 2003:206-01

SuSE: SUSE-SA:2003:031