Bugtraq mailing list archives

Re: CERT, about NFS


From: iceman () MBnet MB CA (Oliver Friedrichs)
Date: Thu, 22 Dec 1994 13:51:15 -0600 (CST)


On Thu, 22 Dec 1994, Leo Bicknell wrote:

      I recall an old bug (possibly in a CERT advisory)
about NFS and exporting to localhost.  I can't remember what
it is off the top of my head, and I'm not at school to look it up,
but I think it was something along the lines of if you mounted
a filesystem to localhost, permissions were no longer checked for
some reason.

The problem was that poor implementations of the portmapper would forward
a mount request for you (proxy).  When they did this, it appeared as
though the request was coming from 'localhost', thus anyone with access
to your portmapper could mount any file systems exported to 'localhost',
essentially from anywhere on the net.

- Oliver
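
An added illustration of the trust failure described in the reply above, not part of the original post and not code from any real portmapper or mount daemon: a toy in-memory model in which the mount daemon authorizes by source address and the portmapper's proxy feature re-issues the request from the local host. The class names, the `no_proxy` refusal list (one possible mitigation, assumed here) and the sample addresses are constructed for the example.

```python
# Toy model, no network I/O: shows why a proxied request passes a
# source-address check that the same caller fails when connecting directly.
MOUNT_PROG = 100005          # ONC RPC program number of the mount daemon
LOCALHOST = "127.0.0.1"


class Mountd:
    """Grants a mount only if the source address is in the export's access list."""

    def __init__(self, exports):
        self.exports = exports            # path -> set of allowed source addresses

    def mount(self, src_addr, path):
        return src_addr in self.exports.get(path, set())


class Portmapper:
    """Models the proxy feature: re-issues a caller's request on the local host."""

    def __init__(self, services, no_proxy=frozenset()):
        self.services = services          # program number -> local service object
        self.no_proxy = no_proxy          # programs this portmapper refuses to proxy (assumed mitigation)

    def proxy_call(self, caller_addr, prog, path):
        if prog in self.no_proxy:
            return False                  # hardened: the request is never forwarded
        # The forwarded request originates on this host, so the service sees
        # LOCALHOST as the source; caller_addr is lost at this point.
        return self.services[prog].mount(LOCALHOST, path)


def demo():
    mountd = Mountd({"/export/home": {LOCALHOST}})   # constructed export table
    remote = "192.0.2.10"                            # constructed remote address
    path = "/export/home"
    direct = mountd.mount(remote, path)
    naive = Portmapper({MOUNT_PROG: mountd}).proxy_call(remote, MOUNT_PROG, path)
    hardened = Portmapper({MOUNT_PROG: mountd}, no_proxy={MOUNT_PROG}).proxy_call(
        remote, MOUNT_PROG, path)
    return direct, naive, hardened


if __name__ == "__main__":
    print(demo())
```
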
