| VID |
17048 |
| Severity |
20 |
| Port |
111 |
| Protocol |
TCP,UDP |
| Class |
RPC |
| Detailed Description |
The portmapper service of RPC is running. This service will give to an attacker very useful information about which rpc service is running.
* References:
http://www.cert.org/advisories/CA-1993-15.html |
| Recommendation |
Stop rpcbind operation to prevent external access to the service.
1. Stop rpcbind with the command:
#rpcbind stop
2. Confirm that rpc service does not exist with the following command.
#rpcinfo -p
3. Check message
Rpcinfo: can¡¯t contact portmapper: RPC: Remote system error |
| Related URL |
CVE-1999-0168 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
80 (ISS) |
|
