Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Gain a shell remotely --> Category: attack

rwhois format string attack (2) Vulnerability Scan


Vulnerability Scan Summary
Acertains if rwhois is vulnerable to a format string attack

Detailed Explanation for this Vulnerability Test

The remote rwhois daemon is vulnerable to a format string
attack when supplied malformed arguments to a malformed request.
(such as %p%p%p)

A possible hacker may use this flaw to gain a shell on this host.

*** Note that Nessus solely relied on the banner version to
*** issue this warning. If you manually patched rwhoisd, you
*** may not be vulnerable to this flaw

Threat Level: High
Solution : Disable this service or upgrade to version 1.5.7.3 or newer

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.