RPC: IN.rwhod Hostname NULL Byte Code Injection

This signature detects a maliciously crafted IN.rwhod packet. By sending a packet containing a NULL byte in the Hostname field to the "rwhod" service, an attacker can execute arbitrary code on the server.

Extended Description

The Sun Solaris in.rwhod(1M) daemon is reported to be prone to an unspecified vulnerability that may allow remote code execution. The vendor disclosed this issue; however, no further details are currently available. If successfully exploited, this vulnerability can result in an attacker gaining superuser privileges on a vulnerable computer. This BID will be updated when more information becomes available.

Affected Products

Sun Solaris

Short Name
RPC:RWHOD:RWHOD-NULL-INJ
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
RPC
Keywords
Byte CVE-2004-1351 Code Hostname IN.rwhod Injection NULL bid:11840
Release Date
12/14/2004
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
Port
UDP/513
False Positive
Unknown
Vendors

Sun

CVSS Score

10.0
