| VID |
17017 |
| Severity |
20 |
| Port |
111 |
| Protocol |
TCP,UDP |
| Class |
RPC |
| Detailed Description |
The 3270 mapper RPC service is running. Clients wishing to communicate with some mainframes are required to use a 3270 terminal emulation program, which under many implementations requires this service to be running. The 3270_mapper registers with the RPC portmapper as program 100013.
* References:
http://www.iss.net/security_center/static/267.php
http://www.securityspace.com/smysecure/catid.html?id=10208 |
| Recommendation |
If you do not use this service, then disable it as it may become a security threat in the future, if a vulnerability is discovered, or use it after asking to the vendor whether not to be vulnerable.
HP-UX, AIX, Solaris 9 and lower version:
first, you become a root, and then stop the service like the following:
# rpcinfo -d [program num] [version num]
And comment its entry by putting a # at the beginning of the line '3270_mapper' and revoke 'inetd' daemon.
Solaris 10, Solaris 11, Enterprise Linux 6.4, CentOS 6.4, Fedora 19:
1. you become a root, and then stop the service like the following:
# rpcinfo -d [program num] [version num]
2. comment its entry by putting a # at the beginning of the line with '3270_mapper' in /etc/rpc
3. # pkill -HUP (x)inetd |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
