The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Openserver | Sco | 5.0.6 (including) | 5.0.6 (including) |
| Openserver | Sco | 5.0.7 (including) | 5.0.7 (including) |
| Unixware | Sco | 7.1.1 (including) | 7.1.1 (including) |
| Unixware | Sco | 7.1.3 (including) | 7.1.3 (including) |
| Unixware | Sco | 7.1.4 (including) | 7.1.4 (including) |
References
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.1/SCOSA-2005.1.txt
- http://secunia.com/advisories/13805
- http://www.securityfocus.com/archive/1/386814
- http://www.securityfocus.com/bid/12225
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.1/SCOSA-2005.1.txt
- http://secunia.com/advisories/13805
- http://www.securityfocus.com/archive/1/386814
- http://www.securityfocus.com/bid/12225