Unix Remote Procedure Calls Inherently Insecure

1990-01-01T00:00:00
ID OSVDB:3116
Type osvdb
Reporter OSVDB
Modified 1990-01-01T00:00:00

Description

Vulnerability Description

Remote Procedure Calls (RPCs) allow an administrator to execute commands on networked computers to make large scale administration more effecient. Because they are used to run administrative commands, the RPC services typically run with the highest privileges on the system. Due to a long history of easily exploited vulnerabilities, RPC services are a continued threat to any organization.

Solution Description

There are a number of measures administrators can take to help ensure the security of systems with RPC services:

  1. Disable any RPC service not essential to an organization.
  2. Explore other options for remote administration such as encrypted remote access (Secure Shell).
  3. Ensure all RPC services are up to date with the latest patches.
  4. Block access to RPC services. Only allow trusted hosts to reach them.
  5. Maintain the highest security posture possible on any machine with RPC services.

Short Description

Remote Procedure Calls (RPCs) allow an administrator to execute commands on networked computers to make large scale administration more effecient. Because they are used to run administrative commands, the RPC services typically run with the highest privileges on the system. Due to a long history of easily exploited vulnerabilities, RPC services are a continued threat to any organization.

References:

Keyword: SANS Top 20 2001 Unix Issue #01 Keyword: RPC Keyword: SANS Top 20 2003 Unix Issue #02 Keyword: SANS Top 20 2002 Unix Issue #01 Keyword: SANS Top 20 2000 Issue #03 Generic Informational URL: http://www.sans.org/top20/oct02.php#U1 Generic Informational URL: http://www.sans.org/top20/#u2 CERT: CA-2002-20 CERT: CA-2001-27 CERT: CA-2001-11 CERT: CA-2003-16 CERT: CA-2003-19 CERT: CA-2002-26 CERT: CA-1999-05 CERT: CA-2002-25 CERT: CA-2002-11 CERT: CA-1999-16 CERT: CA-2000-17 CERT: CA-2001-05 CERT: CA-2002-10 CERT: CA-2003-10 CERT: CA-1997-26 CERT: CA-1999-08 CERT: CA-1998-12