GEN:SID | 1:313 |
Message | EXPLOIT ntalkd x86 Linux overflow |
Summary | This event is generated when an attempt to exploit a buffer overflow condition in ntalkd is made.
|
Impact | Serious. System compromize presenting the attacker with the opportunity to gain remote access to the victim host or execute arbitrary code with the privileges of the superuser account.
|
Detailed Information | Some versions of the Network Talk Daemon (ntalkd) are vulnerable to a buffer overflow condition which can present the attacker with a root shell.
Talk is used to communicate between users of UNIX based operating systems. A vulnerability exists such that a buffer overflow condition in talk can be exploited by a malicious user. This may then present the attacker with the opportunity to gain root access to the target system.
Affected Versions: Multiple vendors
|
Affected Systems | |
Attack Scenarios | Once the overflow has been created, the attacker is able to supply incorrect hostname information to the target system and gain root access.
|
Ease of Attack | Simple.
|
Corrective Action | Upgrade to the latest non-affected version of the software.
Apply vendor supplied patches.
|
Additional References | Bugtraq: http://www.securityfocus.com/bid/210
|
Rule References | bugtraq: 210
|