Showing results for 
Search instead for 
Did you mean: 

nmap breaks lockd

Dan Crossman

nmap breaks lockd

Hi all-

It seems a simple nmap scan can break lockd on HP-UX 11.31 with Sept2012 quality patches.
Running ServiceGuard 11.19 on Itanium with NFS toolkit.
This is easily reproducable on numerous servers and has recently caused a major disruption with our customers.
A search for critical fixes came up empty. Patch assesment came up empty also.


FEATURE11i B.11.31.1209.383a Feature Enablement Patches for HP-UX 11i v3, September 2012
HWEnable11i B.11.31.1209.383a Hardware Enablement Patches for HP-UX 11i v3, September 2012
QPKAPPS B.11.31.1209.383 Applications Patches for HP-UX 11i v3, September 2012
QPKBASE B.11.31.1209.383 Base Quality Pack Bundle for HP-UX 11i v3, September 2012
T1905CA A.11.19.00 Serviceguard
B5140BA A.11.31.06 Serviceguard NFS Toolkit

# nmap foobie
Starting Nmap 5.21 ( ) at 2013-02-06 07:48 PST
Nmap scan report for
Host is up (0.000086s latency).
Not shown: 984 closed ports
22/tcp open ssh
25/tcp open smtp
111/tcp open rpcbind
113/tcp open auth
135/tcp open msrpc
515/tcp open printer
587/tcp open submission
901/tcp open samba-swat
2049/tcp open nfs
2121/tcp open ccproxy-ftp
2301/tcp open compaqdiag
4045/tcp open lockd
5555/tcp open freeciv
5666/tcp open nrpe
5989/tcp open unknown
49152/tcp open unknown



Here is the output from syslog.log at the moment of nmap scan:

# tail -f /var/log/syslog/syslog.log
Feb 6 07:40:44 foobie nfs4cbd[1106]: t_accept(file descriptor 6/transport tcp) TLI error 6
Feb 6 07:40:44 foobie vmunix: WARNING: hpsol_strioctl(): TI_GETPEERNAME failed, T_ADDR_REQ fail error = ENOTCONN.
Feb 6 07:40:44 foobie vmunix:
Feb 6 07:40:44 foobie /usr/sbin/nfsd[2612]: unable to register with kernel rpc: Socket is not connected
Feb 6 07:40:44 foobie /usr/sbin/rpc.lockd[1087]: t_accept(file descriptor 7/transport tcp) TLI error 0


As you can see, lockd over tcp effectivly shuts down:


# rpcinfo -T tcp foobie nlockmgr
rpcinfo: RPC: Program not registered


UDP seems unaffected:


# rpcinfo -T udp foobie nlockmgr
program 100021 version 1 ready and waiting
program 100021 version 2 ready and waiting
program 100021 version 3 ready and waiting
program 100021 version 4 ready and waiting

Is HP aware of this vulnerability?

Thanks for your advice.



P.S.This thread has been moved from HP-UX >General to HP-UX > networking- HP Forums Moderator


Laurent Menase
Honored Contributor

Re: nmap breaks lockd

this should be asked to support or


Else you'll find it in


Update to the last ONCplus ( B.11.31.15) should work well for you.