RSH: Microsoft Windows RSH Daemon Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Microsoft Windows RSH Daemon. A successful attack allows attackers to execute arbitrary code within the context of the affected application.
Extended Description
Windows RSH daemon ('rshd') is prone to a stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service. This issue affects Windows rshd 1.8; other versions may also be affected.
Affected Products
Windows_rsh_daemon windows_rsh_daemon
Short Name
RSH:OVERFLOW:WINRSHD-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
RSH
Keywords
Buffer CVE-2007-4006 Daemon Microsoft Overflow RSH Windows bid:25044
Release Date
05/18/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Windows_rsh_daemon
CVSS Score
6.8