Nfs-utils Rpc.statd Multiple Remote Format String Vulnerabilities Network Vulnerability

Summary

The host is running statd service and is prone to multiple remote format string vulnerabilities.

Impact

Successful exploitation could allow attackers to execute arbitrary code with the privileges of the rpc.statd process, typically root. Impact Level: System/Application

Solution

Upgrade to latest of nfs-utils version 0.1.9.1 or later, For updates refer to http://sourceforge.net/projects/nfs/files/nfs-utils/

Insight

The flaws are due to errors in rpc.statd/kstatd daemons logging system. A call to syslog in the program takes data directly from the remote user, this data could include printf-style format specifiers.

References

http://support.coresecurity.com/impact/exploits/191000d57f477b31f74df301b1d96722.html
http://www.cert.org/advisories/CA-2000-17.html
http://www.iss.net/security_center/reference/vuln/RPC_Statd_Format_Attack.htm

Updated on 2015-03-25

Severity

Classification

CVE CVE-2000-0666, CVE-2000-0800
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Sun rpc.cmsd overflow
Calendar Manager Service rpc.cmsd Service Detection
CDE ToolTalk RPC Database Server Multiple Vulnerabilities
Nfs-utils rpc.statd Multiple Remote Format String Vulnerabilities
rpc.ypupdated remote execution

Take action and discover your vulnerabilities