The summary basically says it. I run a single 4.2 nfs server
on campus to support the installation of workstations. For
the last month or so, mountd on this server has repeatedly
segfaulted. The debug log shows nothing useful. I have a
packet trace (including all the data) from an attack that
used the portmapper, but not the exploit program itself.
The string 'Privet ADMcrew' appears in the packet

I'm pretty sure I'm running the most recent nfs-server
release:

linuxbuild /dist/src  > rpm -q nfs-server
nfs-server-2.2beta37-0
linuxbuild /dist/src  > rpm -V nfs-server
S.5....T c /etc/exports
....L... c /etc/rc.d/rc0.d/K20nfs
....L... c /etc/rc.d/rc1.d/K20nfs
....L... c /etc/rc.d/rc2.d/K20nfs
....L... c /etc/rc.d/rc3.d/S60nfs
.M...... c /etc/rc.d/rc5.d/S60nfs
....L... c /etc/rc.d/rc6.d/K20nfs
missing    /usr/doc/nfs-server-2.2beta37
missing    /usr/doc/nfs-server-2.2beta37/NEWS
missing    /usr/doc/nfs-server-2.2beta37/README
linuxbuild /dist/src  > rpm -V -p
/dist/redhat/updates/RPMS/nfs-server-2.2beta37-0.i386.rpm
S.5....T c /etc/exports
....L... c /etc/rc.d/rc0.d/K20nfs
....L... c /etc/rc.d/rc1.d/K20nfs
....L... c /etc/rc.d/rc2.d/K20nfs
....L... c /etc/rc.d/rc3.d/S60nfs
.M...... c /etc/rc.d/rc5.d/S60nfs
....L... c /etc/rc.d/rc6.d/K20nfs
missing    /usr/doc/nfs-server-2.2beta37
missing    /usr/doc/nfs-server-2.2beta37/NEWS
missing    /usr/doc/nfs-server-2.2beta37/README
linuxbuild /dist/src  > md5
/dist/redhat/updates/RPMS/nfs-server-2.2beta37-0.i386.rpm
MD5
(/dist/redhat/updates/RPMS/nfs-server-2.2beta37-0.i386.rpm)
= 31cf25a52d81b411b5771c8068a4bcec