Test ID:	1.3.6.1.4.1.25623.1.0.11418
Category:	RPC
Title:	Sun rpc.cmsd overflow
Summary:	The remote Sun rpc.cmsd has integer overflow problem in xdr_array. An attacker ;may use this flaw to execute arbitrary code on this host with the privileges;rpc.cmsd is running as (typically, root), by sending a specially crafted ;request to this service.
Description:	Summary: The remote Sun rpc.cmsd has integer overflow problem in xdr_array. An attacker may use this flaw to execute arbitrary code on this host with the privileges rpc.cmsd is running as (typically, root), by sending a specially crafted request to this service. Solution: We suggest that you disable this service and apply a new patch. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	BugTraq ID: 5356 Common Vulnerability Exposure (CVE) ID: CVE-2002-0391 ISS Security Advisory: 20020731 Remote Buffer Overflow Vulnerability in Sun RPC http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20823 Bugtraq: 20020731 Remote Buffer Overflow Vulnerability in Sun RPC (Google Search) http://marc.info/?l=bugtraq&m=102813809232532&w=2 Bugtraq: 20020801 RPC analysis (Google Search) http://marc.info/?l=bugtraq&m=102821785316087&w=2 Bugtraq: 20020802 MITKRB5-SA-2002-001: Remote root vulnerability in MIT krb5 admin (Google Search) http://marc.info/?l=bugtraq&m=102831443208382&w=2 http://www.cert.org/advisories/CA-2002-25.html CERT/CC vulnerability note: VU#192995 http://www.kb.cert.org/vuls/id/192995 AIX APAR: IY34194 http://archives.neohapsis.com/archives/aix/2002-q4/0002.html Caldera Security Advisory: CSSA-2002-055.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-055.0.txt Conectiva Linux advisory: CLA-2002:515 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000515 Conectiva Linux advisory: CLA-2002:535 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000535 Debian Security Information: DSA-142 (Google Search) http://www.debian.org/security/2002/dsa-142 Debian Security Information: DSA-143 (Google Search) http://www.debian.org/security/2002/dsa-143 Debian Security Information: DSA-146 (Google Search) http://www.debian.org/security/2002/dsa-146 Debian Security Information: DSA-149 (Google Search) http://www.debian.org/security/2002/dsa-149 Debian Security Information: DSA-333 (Google Search) http://www.debian.org/security/2003/dsa-333 En Garde Linux Advisory: ESA-20021003-021 http://www.linuxsecurity.com/advisories/other_advisory-2399.html FreeBSD Security Advisory: FreeBSD-SA-02:34.rpc http://marc.info/?l=bugtraq&m=102821928418261&w=2 HPdes Security Advisory: HPSBTL0208-061 http://online.securityfocus.com/advisories/4402 HPdes Security Advisory: HPSBUX0209-215 http://archives.neohapsis.com/archives/hp/2002-q3/0077.html http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:057 Microsoft Security Bulletin: MS02-057 http://www.microsoft.com/technet/security/bulletin/ms02-057.asp NETBSD Security Advisory: NetBSD-SA2002-011 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-011.txt.asc RedHat Security Advisories: RHSA-2002:166 http://rhn.redhat.com/errata/RHSA-2002-166.html http://www.redhat.com/support/errata/RHSA-2003-168.html RedHat Security Advisories: RHSA-2002:172 http://rhn.redhat.com/errata/RHSA-2002-172.html http://www.redhat.com/support/errata/RHSA-2002-173.html http://www.redhat.com/support/errata/RHSA-2002-167.html http://www.redhat.com/support/errata/RHSA-2003-212.html SGI Security Advisory: 20020801-01-A ftp://patches.sgi.com/support/free/security/advisories/20020801-01-A SGI Security Advisory: 20020801-01-P SuSE Security Announcement: SuSE-SA:2002:031 (Google Search) Bugtraq: 20020803 OpenAFS Security Advisory 2002-001: Remote root vulnerability in OpenAFS servers (Google Search) http://archives.neohapsis.com/archives/bugtraq/2002-07/0514.html Bugtraq: 20020802 kerberos rpc xdr_array (Google Search) http://online.securityfocus.com/archive/1/285740 Bugtraq: 20020909 GLSA: glibc (Google Search) http://marc.info/?l=bugtraq&m=103158632831416&w=2 http://www.iss.net/security_center/static/9170.php http://www.securityfocus.com/bid/5356 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A42 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4728 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9
Copyright	This script is Copyright (C) 2003 Xue Yong Zhi

This is only one of 58962 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: