📄 1912.txt
字号:
Rule:--Sid:1912--Summary:This event is generated when an attempt is made to exploit a bufferoverflow associated with the Remote Procedure Call (RPC) sadmind.--Impact:Remote root access. This attack may permit execution of arbitrarycommands with the privileges of root.--Detailed Information:The sadmind RPC service is used by Solaris Solstice AdminSuiteapplications to perform remote distributed system administration taskssuch as adding new users. A buffer overflow associated with theNETMGT_PROC_SERVICE request of sadmind exists because of improper boundschecking. This may permit execution of arbitrary commands with theprivileges of root.--Affected Systems: Sun Solaris 2.5, 2.5.1, 2.6, 7.0--Attack Scenarios:Exploit code can be used to attack a vulnerable sadmind to obtain rootaccess to the remote host.--Ease of Attack:Simple. Exploit scripts are freely available. --False Positives:None Known.--False Negatives:None Known.--Corrective Action:Limit remote access to RPC services.Filter RPC ports at the firewall to ensure access is denied toRPC-enabled machines.Disable unneeded RPC services.--Contributors:Sourcefire Vulnerability Research TeamBrian Caswell <bmc@sourcefire.com>Judy Novak <judy.novak@sourcefire.com>--Additional References:--⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -