ID de Prueba:	1.3.6.1.4.1.25623.1.0.10544
Categoría:	RPC
Título:	format string attack against statd
Resumen:	NOSUMMARY
Descripción:	Description: The remote statd service could be brought down with a format string attack - it now needs to be restarted manually. This means that an attacker may execute arbitrary code thanks to a bug in this daemon. Solution : upgrade to the latest version of rpc.statd Risk factor : High
Referencia Cruzada:	BugTraq ID: 1480 Common Vulnerability Exposure (CVE) ID: CVE-2000-0666 http://www.securityfocus.com/bid/1480 Bugtraq: 20000716 Lots and lots of fun with rpc.statd (Google Search) http://archives.neohapsis.com/archives/bugtraq/2000-07/0206.html Bugtraq: 20000717 CONECTIVA LINUX SECURITY ANNOUNCEMENT - nfs-utils (Google Search) http://archives.neohapsis.com/archives/bugtraq/2000-07/0230.html Bugtraq: 20000718 Trustix Security Advisory - nfs-utils (Google Search) http://archives.neohapsis.com/archives/bugtraq/2000-07/0236.html Bugtraq: 20000718 [Security Announce] MDKSA-2000:021 nfs-utils update (Google Search) http://archives.neohapsis.com/archives/bugtraq/2000-07/0260.html Caldera Security Advisory: CSSA-2000-025.0 http://www.calderasystems.com/support/security/advisories/CSSA-2000-025.0.txt http://www.cert.org/advisories/CA-2000-17.html Debian Security Information: 20000719a (Google Search) http://www.redhat.com/support/errata/RHSA-2000-043.html XForce ISS Database: linux-rpcstatd-format-overwrite(4939) https://exchange.xforce.ibmcloud.com/vulnerabilities/4939 Common Vulnerability Exposure (CVE) ID: CVE-2000-0800 SuSE Security Announcement: 20000810 Security Hole in knfsd, all versions (Google Search) http://www.novell.com/linux/security/advisories/suse_security_announce_58.html
Copyright	This script is Copyright (C) 2000 Renaud Deraison

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.