Title: Multiple BSD NFS Zero Length Payload RPC Message DoS
Aug 05, 2002
The Network File System (NFS) on FreeBSD, NetBSD and OpenBSD contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious user sends a RPC message containing a zero-length payload to a NFS server. This causes the NFS server to reference a previous payload and enter into an infinite loop, resulting in a loss of availability for the platform.
Remote / Network Access
Denial of Service,
Loss of Availability
Upgrade to FreeBSD version 4.6.1-RELEASE-p7 or higher, as it has been reported to fix this vulnerability. Also, FreeBSD has released patches for some older versions.
Upgrade to NetBSD version 1.6 after the correction date or higher, as it has been reported to fix this vulnerability.
Upgrade to OpenBSD version 3.2 or higher, as it has been reported to fix this vulnerability.