MediumCheck or Attack Name: Mountd File Exists
This exploit can be used to determine what files exist on a machine running a vulnerable version of the RPC mountd service. The mountd service is used when mounting an NFS volume. A user using the mount or mount_nfs command can try to mount files on the remote host, and mountd will return a Permission denied error if it can't access the file, but will return a No such files or directory error if the file doesn't exist. An attacker can systematically scan a victim's system to see what software is running.
Upgrade your system's rpc.mountd daemon to a newer version.
BUGTRAQ Mailing List, Serious security flaw in rpc.mountd on several operating systems, http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.970824065001.7193A-100000@slartibartfast.sp.org
