GEN:SID 1:2185
Message RPC mountd UDP mount path overflow attempt
Summary This event is generated when an attempt is made to exploit a known vulnerability in the xlog function of certain Linux NFS Utils packages.

Specifically this event is generated when UDP is used as the attack medium.
Impact Denial of Service (DoS), possible arbitrary code execution.
Detailed Information The mountd Remote Procedure Call (RPC) implements the NFS mount protocol. A vulnerability exists in some versions of the Linux NFS Utilities package prior to 1.0.4 that can lead to the possible execution of arbitrary code or a DoS against the affected server.

A programming error in the xlog function may be exploited by an attacker by sending RPC requests to mountd that do not contain any newline characters. This causes a buffer to overflow thus presenting the attacker with the opportunity to execute code.
Affected Systems Systems using Linux NFS Utils prior to version 1.0.4.
Attack Scenarios An attacker may send a specially crafted RPC request that does not
contain any newline characters to the NFS server via TCP or UDP.
Ease of Attack Moderate.
Corrective Action Limit remote access to RPC services.

Filter RPC ports at the firewall to ensure access is denied to RPC-enabled machines.

Disable unneeded RPC services.

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.
Additional References  
Rule References bugtraq: 8179
cve: 2003-0252
nessus: 11800