>Rpc Mountd Bug

February 1, 2011 at 11:20 pm | Posted in computer and high technology, Hacking, Tutorial | Leave a comment

>Recently I noticed that one can discover what files any machine contains
so long as rpc.mountd on that machine has permissions to read it.
rpc.mountd usually runs as root, so this is pottentially a severe
vulnerability.
Here’s what happens. If I try to mount /etc/foobar on my Linux box (this
has been tested with Ultrix also), and /etc/foobar does not exist, I get
this error:

slartibartfast:~# mount slarti:/etc/foobar /mnt
mount: slarti:/etc/foobar failed, reason given by server: No such file or
directory
slartibartfast:~#

If the file does exist, and I don’t have permission to read it, I get this
error:

slartibartfast:~# mount slarti:/etc/passwd /mnt
mount: slarti:/etc/passwd failed, reason given by server: Permission denied
slartibartfast:~#

File Bug In : http://xrobot.mobi/crut/file/rpc.mountd_bug.txt

Guest Post : http://xrobot.mobi

Leave a Comment »

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at WordPress.com.
Entries and comments feeds.

%d bloggers like this: