GEN:SID 1:1751
Message EXPLOIT cachefsd buffer overflow attempt
Summary This event is generated when a buffer overflow attempt is made against a host using cachefsd.
Impact Serious. System compromize presenting the attacker with the opportunity to execute arbitrary code or gain remote access to the victim host.
Detailed Information A buffer overflow condition exists in the Cache File System daemon
(cachefsd) on certain versions of Solaris for SPARC and x86
architectures.

cachefsd is used to improve the performance of NFS servers.

Affected Systems:
    Solaris 5.5.1, 5.6, 5.7 and 5.8
Affected Systems  
Attack Scenarios Exploit scripts are available
Ease of Attack Simple. Exploits are available.
Corrective Action Upgrade to the latest non-affected version of the software.

Disable cachefsd.
Additional References AusCERT:
http://www.auscert.org.au/render.html?it=1918

CERT:
http://www.kb.cert.org/vuls/id/161931
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0084


Bugtraq:
http://www.securityfocus.com/bid/4631
Rule References bugtraq: 4631
cve: 2002-0084
nessus: 10951