Vulnerabilities > CVE-2004-1039 - Denial of Service vulnerability in SCO UnixWare NFS Mountd

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

sco

NVD

Published: 2005-01-11

Updated: 2008-09-05

Summary

The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.

Vulnerable Configurations

Part	Description	Count
OS	Sco SCO Openserver 5.0.6 SCO Openserver 5.0.7 SCO Unixware 7.1.1 SCO Unixware 7.1.3 SCO Unixware 7.1.4	5

References

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.1/SCOSA-2005.1.txt
http://secunia.com/advisories/13805
http://www.securityfocus.com/archive/1/386814
http://www.securityfocus.com/bid/12225