It appears that NFS server and/or client and/or MOUNTD has
a security bug which allows an intruder to add shell
accounts to the /etc/passwd file. We had an attemted
breakin stopped only after the intruder tripped certain
security measures installed on the machine, but AFTER
successfull unauthorized login.
The NFS server was installed and running even though
NOTHING was shared through the NFS.
If you need more info on the subject, please contact
Alex Tsekhansky @
If this is a known bug, I would appreciate the info on the
upgrade to the latest nfs-* from the errata.