|
Family: RPC --> Category: destructive_attack
Sun portmap xdrmem_getbytes() overflow Vulnerability Scan
Vulnerability Scan Summary Checks for the xdrmem_getbytes() overflow
Detailed Explanation for this Vulnerability Test
The RPC library has an integer overflow in the function
xdrmem_getbytes().
A possible hacker may use this flaw to execute
arbitrary code on this host with the rights
your RPC programs are running with (typically, root), by
sending a specially crafted request to them.
Nessus used this flaw to crash your portmapper.
Solution : See http://www.cert.org/advisories/CA-2003-10.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|