RPC bootparamd Service Information Disclosure (Deprecated)

medium Nessus Plugin ID 10031

Language:

Synopsis

This plugin has been deprecated.

Description

The bootparamd RPC service is running. It is used by diskless clients to get the necessary information needed to boot properly.

If an attacker uses the BOOTPARAMPROC_WHOAMI and provides the correct address of the client, then he will get its NIS domain back from the server. Once the attacker discovers the NIS domain name, he may easily get your NIS password file.

Plugin Details

Severity: Medium

ID: 10031

File Name: bootparamd.nasl

Version: 1.31

Type: remote

Family: RPC

Published: 8/30/1999

Updated: 4/16/2019

Supported Sensors: Nessus

Vulnerability Information

Required KB Items: rpc/portmap

Vulnerability Publication Date: 1/1/1991

Detections

Analytics