[12176] in bugtraq
Re: Omni-NFS/X Enterprise (nfsd.exe) DOS
daemon@ATHENA.MIT.EDU (H D Moore)
Fri Oct 8 18:10:08 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <37FB9467.6A73FA1E@consultant.com>
Date: Wed, 6 Oct 1999 13:26:47 -0500
Reply-To: H D Moore <secureaustin@CONSULTANT.COM>
From: H D Moore <secureaustin@CONSULTANT.COM>
X-To: "S.Faust" <sfaust@ISI-MTL.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
I could not reproduce this:
Target System: Windows 98 (full updates) (AMD K6-III 450 / 128 Mb RAM)
Omni-NFS/X Version: 4.01
Tried each and every TCP/UDP nmap scan in 2.3 Beta 6
(RPC/SYN/FIN/XMAS/CONNECT/UDP/NULL/ETC) without the CPU usage going over
3% (and thats only when it hit port 111). Could this be a vulnerability
in the NT Winsock API (looping select() or something similar)?
-HD
"S.Faust" wrote:
>
> Faulty software
> ---------------
>
> Omni-NFS/X Enterprise version 6.1
>
> Product
> ---------
>
> Omni-NFS/X Enterprise is a X, NFS server solution for win32 systems.
> It is written by XLink Technology ( http://www.xlink.com ) .
>
> Vulnerability
> -------------
>
> The nfs daemon ( nfsd.exe ) used by Omni-NFS/X will jump to 100% cpu usage
> if you scan it
> using nmap with ether the -O (OS detect ) or the -sS ( TCP SYN (half open) )
> .
[ snip ]
>
> ------------------------------------------------
> Sacha Faust sfaust@isi-mtl.com
