Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Omni-NFS/X Enterprise (nfsd.exe) DOS

From: secureaustin () CONSULTANT COM (H D Moore)
Date: Wed, 6 Oct 1999 13:26:47 -0500

I could not reproduce this:

Target System:          Windows 98 (full updates) (AMD K6-III 450 / 128 Mb RAM)
Omni-NFS/X Version:     4.01

Tried each and every TCP/UDP nmap scan in 2.3 Beta 6
(RPC/SYN/FIN/XMAS/CONNECT/UDP/NULL/ETC) without the CPU usage going over
3% (and thats only when it hit port 111).  Could this be a vulnerability
in the NT Winsock API (looping select() or something similar)?

-HD

"S.Faust" wrote:


Faulty software



---------------

Omni-NFS/X Enterprise version 6.1

Product
---------

Omni-NFS/X Enterprise  is a X, NFS server solution for win32 systems.
It is written by XLink Technology ( http://www.xlink.com ) .

Vulnerability
-------------

The nfs daemon ( nfsd.exe ) used by Omni-NFS/X will jump to 100% cpu usage
if you scan it
using nmap with ether the -O (OS detect ) or the -sS ( TCP SYN (half open) )
.

[ snip ]


------------------------------------------------
Sacha Faust sfaust () isi-mtl com
Previous By Date Next
Previous By Thread Next

Current thread: