RPC bootparamd NIS Domain Name Disclosure

medium Nessus Plugin ID 12237

Language:

Synopsis

The remote RPC service is disclosing information.

Description

Using the remote bootparamd service, it was possible to obtain the NIS domain of the network. A remote attacker could use this information to mount further attacks.

Solution

Filter incoming traffic to this port.

Plugin Details

Severity: Medium

ID: 12237

File Name: bootparamd_get_nis_domain.nasl

Version: Revision: 1.16

Type: remote

Family: RPC

Published: 5/13/2004

Updated: 9/24/2015

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Required KB Items: rpc/portmap

Exploited by Nessus: true

Detections

Analytics