Andr0m3da
Power Member
Madrid, May 7 2002 - The Computer Emergency Response Team Coordination
Center -CERT/CC- has published, at
http://www.cert.org/advisories/CA-2002-11.html, a warning about a security
problem in Sun Solaris' Cachefs daemon.
The vulnerability, which affects versions 2.5.1, 2.6, 7 and 8 of Sun Solaris
(SPARC and Intel architecture) stems from a remotely exploitable heap
overflow, which could allow arbitrary code to be run on the affected system.
As this daemon normally runs with root or administrator privileges, an
attacker could take control of the entire affected system.
CERT/CC has received reports of scanning and exploitation of Solaris systems
running cachefsd.
(*) 'Daemons' are programs designed to perform certain operations when a
predetermined event takes place.
Center -CERT/CC- has published, at
http://www.cert.org/advisories/CA-2002-11.html, a warning about a security
problem in Sun Solaris' Cachefs daemon.
The vulnerability, which affects versions 2.5.1, 2.6, 7 and 8 of Sun Solaris
(SPARC and Intel architecture) stems from a remotely exploitable heap
overflow, which could allow arbitrary code to be run on the affected system.
As this daemon normally runs with root or administrator privileges, an
attacker could take control of the entire affected system.
CERT/CC has received reports of scanning and exploitation of Solaris systems
running cachefsd.
(*) 'Daemons' are programs designed to perform certain operations when a
predetermined event takes place.