NFS Sun File Handle Guess contents.gifindex.gif

NFS Sun File Handle Guess

This operation attempts to exploit the fact that Sun's file system does not pick truly random file handles. This makes them guessable, and the scanner can in many cases guess correctly. This vulnerability allows an intruder to access the file system, bypassing mountd security by guessing a file handle.

Note: This check is only effective against Sun file systems, and the guessing process is time-consuming. When this scan is not applicable to your network, or when time is an issue, you can turn off file handle guessing during a general scan of the network. Make a list of Sun machines in your network, and have the scanner scan those hosts with file handle guessing turned on.

Risk: High

Fix: Obtain the NFS jumble patch from your dealer to correct the vulnerability. After you install the latest NFS security patch, be sure to run fsirand on your entire file system.

Advisories: CA-91:21.SunOS.NFS.Jumbo.and.fsirand

SunOS patch ID: 100173-12 at Sun Patches