GEN:SID 1:3061
Message MISC distccd command execution attempt
Summary This event is generated when an attempt is made to connect to the distcc
daemon.
Impact Serious. Execution of arbitrary commands may be possible.
Detailed Information Distcc is an open source distributed C/C++ compiler that can be used
to compile code on remote hosts that run the distcc daemon.  A vulnerability
exists in the handling of commands that are generated via a distcc client.  The
server does not ensure that compile commands only are sent to it.  A command
sequence can be created that executes commands on a vulnerable server.  No
authentication is required to execute a command on a distcc server.
Affected Systems 2.18.3 and prior
Attack Scenarios An attacker can generated a valid distcc command sequence that executes
a command other than a compile on a vulnerable distcc server.
Ease of Attack Simple.
Corrective Action Use the --allow <hosts> option when starting the distcc daemon
to specify authorized client hosts.
Additional References  
Rule References url: distcc.samba.org/security.html