Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:2083 |
Message | RPC rpc.xfsmd xfs_export attempt UDP |
Summary | xfsmd |
Impact | Possible root access and code execution. |
Detailed Information | It is possible for an attacker to exploit some versions of the xfsmd daemon. Due to a programming error, the service does not correctly check for certain meta-characters and they are not stripped from the request. The xfsmd daemon is not installed by default on IRIX systems but it is part of an optional package. |
Affected Systems | IRIX 6.2 IRIX 6.3 IRIX 6.4 IRIX 6.5.x |
Attack Scenarios | Exploits are widely available. |
Ease of Attack | Simple |
Corrective Action | Patches are NOT available for this issue. Disable and remove the xfsmd daemon. Uprade to the latest non affected version of the operating system |
Additional References | Bugtraq: http://www.securityfocus.com/bid/5075 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0359 SGI IRIX: ftp://patches.sgi.com/support/free/security/advisories/20020606-01-I |
Rule References | bugtraq: 5072 bugtraq: 5075 cve: 2002-0359 |
--
DID:314957
--
http://www.aanval.com/