Madrid, May 7 2002 - The Computer Emergency Response Team Coordination Center -CERT/CC- has published, at http://www.cert.org/advisories/CA-2002-11.html, a warning about a security problem in Sun Solaris' Cachefs daemon. The vulnerability, which affects versions 2.5.1, 2.6, 7 and 8 of Sun Solaris (SPARC and Intel architecture) stems from a remotely exploitable heap overflow, which could allow arbitrary code to be run on the affected system. As this daemon normally runs with root or administrator privileges, an attacker could take control of the entire affected system. CERT/CC has received reports of scanning and exploitation of Solaris systems running cachefsd. (*) 'Daemons' are programs designed to perform certain operations when a predetermined event takes place.