Faulty software --------------- Omni-NFS/X Enterprise version 6.1 Product --------- Omni-NFS/X Enterprise is a X, NFS server solution for win32 systems. It is written by XLink Technology ( http://www.xlink.com ) . Vulnerability ------------- The nfs daemon ( nfsd.exe ) used by Omni-NFS/X will jump to 100% cpu usage if you scan it using nmap with ether the -O (OS detect ) or the -sS ( TCP SYN (half open) ) . Example : (zorkeres@rh-mindlab)(Omni-X)(06/10/99) (1007) $ nmap -O -p 111 slacky Starting nmap V. 2.3BETA5 by Fyodor (fyodorat_private, www.insecure.org/nmap/) Interesting ports on slacky (192.168.1.2): Port State Protocol Service 111 open tcp sunrpc TCP Sequence Prediction: Class=trivial time dependency Difficulty=2 (Trivial joke) Remote operating system guess: Windows NT4 / Win95 / Win98 Nmap run completed -- 1 IP address (1 host up) scanned in 1 second (zorkeres@rh-mindlab)(Omni-X)(06/10/99) (1008) $ This was tested on Microsoft Windows NT 4.0 Workstation with SP5 . I'm preaty sure all their NFS solutions are affected by this. ------------------------------------------------ Sacha Faust sfaust@isi-mtl.com "He who despairs of the human condition is a coward, but he who has hope for it is a fool. " - Albert Camus
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:06:48 PDT