cancel
Showing results for 
Search instead for 
Did you mean: 

mountdReserved vulnerability

SOLVED
Go to solution
pric moore
Occasional Advisor

mountdReserved vulnerability

A recent security scan shows my Tru64Unix 5.1 with a vulnerability.

MountdReserved: NFS mount daemon operating on an non-reserved port.

How do I change the port that mountd is using?
7 REPLIES
Johan Brusche
Honored Contributor

Re: mountdReserved vulnerability


What paranoiac makes you believe this is a vulnerability ?

__ Johan.

_JB_
pric moore
Occasional Advisor

Re: mountdReserved vulnerability

I don't believe it is a vulnerability. However, the tool (ISS Internet Scanner?) our security folks are running indicate that it is a Medium threat.

"The mountd daemon is running over a non-reserved port. This daemon is probably vulnerable to port hijacking and should be moved to a reserved port."

I just need to meet the requirements of security.
Johan Brusche
Honored Contributor
Solution

Re: mountdReserved vulnerability


Below an extract from the mountd page:


-r Listens for requests on a reserved port only. This is the default behavior.


So what port are they complaining about ?!

__ Johan.

_JB_
pric moore
Occasional Advisor

Re: mountdReserved vulnerability

My mountd man page does not show the -r option.

The complaint is about port 1029.
pric moore
Occasional Advisor

Re: mountdReserved vulnerability

/usr/sbin/rpcinfo -p|grep mountd shows that
mountd is running udp on port 1026 and tcp on port 983.

Johan Brusche
Honored Contributor

Re: mountdReserved vulnerability


mount manpage extract was from V5.1B+pk#4 system.

So you migth want to upgrade, in order to run a supported version again.

__ ;-) Johan.

_JB_
pric moore
Occasional Advisor

Re: mountdReserved vulnerability

Adding -p to /sbin/rc3.d/S19nfs (per suggestion) and restart resolved the issue.