RSH: Buffer Overflow Command
This protocol anomaly triggers when it detects an RSH connection with a specified command line that is too long. This can indicate a buffer overflow attempt.
Extended Description
Windows RSH daemon ('rshd') is prone to a stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service. This issue affects Windows rshd 1.8; other versions may also be affected.
Affected Products
Windows_rsh_daemon windows_rsh_daemon
Short Name
RSH:OVERFLOW:COMMAND
Severity
Major
Recommended
False
Recommended Action
None
Category
RSH
Keywords
CVE-2007-4006 bid:25044
Release Date
08/27/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Windows_rsh_daemon
CVSS Score
6.8