Signature Detail
Short Name |
APP:DISTCC-EXEC |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Distributed C Compiler Vulnerability |
Release Date |
2005/03/18 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Distributed C Compiler Vulnerability
This signature detects attempts to exploit a known vulnerability in the Distributed C Compilation system implemented in Samba Distcc and Apple XCode. A successful attack can allow an attacker to remotely execute arbitrary commands.
Extended Description
The access controls for the 'distcc' program may malfunction under certain circumstances and may not be enforced. A remote attacker may potentially exploit this vulnerability to access the affected 'distcc' service, regardless of access-control rules that are set in place. This vulnerability is addressed in 'distcc' 2.16.
Affected Products
- distcc 2.10.0
- distcc 2.11.0
- distcc 2.12.0
- distcc 2.13.0
- distcc 2.14.0
- distcc 2.15.0
- distcc 2.7.0
- distcc 2.9.0
References
- BugTraq: 11319
- CVE: CVE-2004-0601
- CVE: CVE-2004-2687
- URL: http://distcc.samba.org/index.html
- URL: http://www.securityfocus.com/bid/11319