
NFS Sun File Handle Guess
This operation attempts to exploit the fact that Sun's file system does not
pick truly random file handles. This makes them guessable, and the scanner can in
many cases guess correctly. This vulnerability allows an intruder to access
the file system, bypassing mountd security by guessing a file handle.
Note: This check is only effective against Sun file systems, and the guessing
process is time-consuming. When this scan is not applicable to your network, or when
time is an issue, you can turn off file handle guessing during a general scan
of the network. Make a list of Sun machines in your network, and have the
scanner scan those hosts with file handle guessing turned on.
Risk: High
Fix: Obtain the NFS
Advisories:
SunOS patch ID: 100173-12 at