Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.103553
Kategorie:Gain a shell remotely
Titel:DistCC Remote Code Execution Vulnerability
Zusammenfassung:DistCC 2.x, as used in XCode 1.5 and others, when not configured to restrict; access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which; are executed by the server without authorization checks.
Beschreibung:Summary:
DistCC 2.x, as used in XCode 1.5 and others, when not configured to restrict
access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which
are executed by the server without authorization checks.

Vulnerability Impact:
DistCC by default trusts its clients completely that in turn could
allow a malicious client to execute arbitrary commands on the server.

Solution:
Vendor updates are available. Please see the references for more
information.

For more information about DistCC's security see the references.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2004-2687
Bugtraq: 20050310 XCode 1.5 and distcc 2.x Exploit (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2005-03/0183.html
http://www.metasploit.org/projects/Framework/exploits.html#distcc_exec
http://lists.samba.org/archive/distcc/2004q3/002550.html
http://lists.samba.org/archive/distcc/2004q3/002562.html
http://www.osvdb.org/13378
CopyrightThis script is Copyright (C) 2012 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.