GEN:SID | 1:1751 |
Message | EXPLOIT cachefsd buffer overflow attempt |
Summary | This event is generated when a buffer overflow attempt is made against a host using cachefsd.
|
Impact | Serious. System compromise, giving the attacker the opportunity to execute arbitrary code or gain remote access to the victim host.
|
Detailed Information | A buffer overflow condition exists in the Cache File System daemon (cachefsd) on certain versions of Solaris for SPARC and x86 architectures.
cachefsd is used to improve the performance of NFS servers.
Affected Systems: Solaris 5.5.1, 5.6, 5.7 and 5.8
|
Affected Systems | |
Attack Scenarios | Exploit scripts are available.
|
Ease of Attack | Simple. Exploits are available.
|
Corrective Action | Upgrade to the latest non-affected version of the software.
Disable cachefsd.
|
Additional References | AusCERT: http://www.auscert.org.au/render.html?it=1918
CERT: http://www.kb.cert.org/vuls/id/161931
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0084
Bugtraq: http://www.securityfocus.com/bid/4631
|
Rule References | bugtraq: 4631
cve: 2002-0084
nessus: 10951
|