RPC: Solaris snmpXdmid Buffer Overflow

This signature detects attempts to exploit a known vulnerability in snmpXdmid, the SNMP-to-DMI and DMI-to-SNMP mapper daemon in Solaris. Attackers can send a maliciously crafted DMI request, which snmpXdmid attempts to translate into an SNMP trap, causing a buffer overflow and allowing the attacker to execute arbitrary commands.

Extended Description

Versions 2.6, 7, and 8 of Sun Microsystems' Solaris operating environment ship with a service called 'snmpXdmid'. This daemon maps SNMP management requests to DMI requests and vice versa. The daemon contains a remotely exploitable buffer overflow vulnerability. The overflow occurs when snmpXdmid attempts to translate a 'malicious' DMI request into an SNMP trap. Because snmpXdmid runs with root privileges, any attacker who successfully exploits this vulnerability gains superuser access immediately.

Affected Products

Sun Solaris

Short Name
RPC:RPC.SNMPXDMID:OVERFLOW
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
RPC
Keywords
Buffer CA-2001-05 CVE-2001-0236 Overflow Solaris bid:2417 snmpXdmid
Release Date
04/22/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
Port
RPC/100249
False Positive
Unknown
Vendors

Sun

CVSS Score

10.0
