|
|
Family: Service detection --> Category: infos
DistCC Detection Vulnerability Scan
Vulnerability Scan Summary
Detect the presence of DistCC
Detailed Explanation for this Vulnerability Test
Synopsis :
A distributed compiler is listening on the remote port.
Description :
The remote host is running distcc, a distributed GCC compiler.
distcc allows a user to use the resources several hosts to
compile his programs more quickly.
As distcc allows anyone to execute arbitrary commands on the
remote host, it should be configured to only accept connections
from a restricted set of IP addresses, otherwise a possible hacker
can use it to obtain an interactive shell on the remote host,
with the rights of the distcc daemon (usually 'distccd')
Solution :
Filter incoming traffic to this port, or use the '-a' option
switch to restrict the set of IP addresses distcc will accept.
See also :
http://distcc.samba.org/security.html
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
