[567] in bugtraq
Re: CERT, about NFS
daemon@ATHENA.MIT.EDU (Oliver Friedrichs)
Thu Dec 22 18:17:06 1994
Date: Thu, 22 Dec 1994 13:51:15 -0600 (CST)
From: Oliver Friedrichs <iceman@MBnet.MB.CA>
To: bugtraq@fc.net
In-Reply-To: <199412221559.KAA20809@csugrad.cs.vt.edu>

On Thu, 22 Dec 1994, Leo Bicknell wrote:
> I recall an old bug (possibly in a CERT advisory)
> about NFS and exporting to localhost. I can't remember what
> it is off the top of my head, and I'm not at school to look it up,
> but I think it was something along the lines of if you mounted
> a filesystem to localhost permissions were no longer checked for
> some reason.

The problem was that poor implementations of the portmapper would forward
a mount request for you (proxy). When they did this, it appeared as
though the request was coming from 'localhost', thus anyone with access
to your portmapper could mount any file systems exported to 'localhost'.
Essentially from anywhere on the net.

- Oliver
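
Added example, not part of the original post: a small audit that finds the exports the message describes, that is, file systems exported to 'localhost' or a loopback address, so they can be removed from the exports file. The function names, the set of loopback names and the sample exports text are assumptions constructed for illustration; both the SunOS `-access=` syntax and the Linux `host(options)` syntax are parsed.

```python
# Added example: flag NFS exports whose client list includes the loopback host.
# Names and the sample data below are constructed, not taken from the post.

# Client names treated as loopback (assumed set; extend for local aliases).
LOOPBACK = {"localhost", "localhost.localdomain", "127.0.0.1", "::1"}

def clients_of(fields):
    """Return client names from the fields that follow the export path."""
    clients = []
    for field in fields:
        if field.startswith("-"):
            # SunOS style: -access=host1:host2,root=host3,ro
            for opt in field[1:].split(","):
                key, _, value = opt.partition("=")
                if key in ("access", "root", "rw") and value:
                    clients.extend(value.split(":"))
        else:
            # Linux style: host(options); a bare "(ro)" has no host part
            host = field.split("(", 1)[0]
            if host:
                clients.append(host)
    return clients

def loopback_exports(text):
    """Return (line number, path, loopback clients) for each risky entry."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        path, *fields = line.split()
        hits = sorted({c for c in clients_of(fields)
                       if c.lower() in LOOPBACK or c.startswith("127.")})
        if hits:
            findings.append((lineno, path, hits))
    return findings

# Constructed sample exports file mixing both syntaxes.
SAMPLE = """\
# constructed sample
/export/home   -access=alpha:localhost,root=alpha
/usr/local     client1(ro) localhost(rw)
/var/spool     -access=beta:gamma
/scratch       127.0.0.1(rw)   # loopback by address
"""

if __name__ == "__main__":
    for lineno, path, hits in loopback_exports(SAMPLE):
        print(f"line {lineno}: {path} exported to {', '.join(hits)}")
```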