Signature Detail

Short Name	RPC:RPC.WALLD:SYSLOG-FS
Severity	High
Recommended	No
Recommended Action	Drop
Category	RPC
Keywords	Sun Solaris RWall Daemon Syslog Format String
Release Date	2006/01/25
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

RPC: Sun Solaris RWall Daemon Syslog Format String

This signature detects attempts to exploit a known vulnerability against Sun Solaris RWall Daemon. A successful attack can lead to arbitrary code execution.

Extended Description

Solaris is the freely available UNIX-derivative operating system developed and distributed by Sun Microsystems. A format-string vulnerability allows attackers to execute arbitrary code on vulnerable systems. When malicious format strings are sent from one system to another, an insecure 'syslog' call may allow a remote attacker to exploit the call to execute arbitrary code.

Affected Products

Sun Solaris 2.5.1
Sun Solaris 2.5.1_x86
Sun Solaris 2.6
Sun Solaris 2.6_x86
Sun Solaris 7.0
Sun Solaris 7.0_x86
Sun Solaris 8 Sparc
Sun Solaris 8 X86
Sun Solaris 9 Sparc

References

BugTraq: 4639
CERT: CA-2002-10
CVE: CVE-2002-0573
URL: http://www.kb.cert.org/vuls/id/638099

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

RPC: Sun Solaris RWall Daemon Syslog Format String

Extended Description

Affected Products

References