| Field | Value |
|---|---|
| VID | 17024 |
| Severity | 40 |
| Port | 111 |
| Protocol | TCP |
| Class | RPC |
| Detailed Description | The cachefsd RPC service is running. cachefsd is installed and started by default on all versions of Sun's Solaris operating system from version 2.6 onward. Its purpose is to cache requests for operations on remote file systems mounted over the NFS protocol. Solaris registers cachefsd as RPC program number 100235. The service contains a security vulnerability that can be exploited remotely to gain unauthorised access to the system with administrative (root) privileges; the cause is insufficient bounds checking on user-supplied mounts. Note: the scanner assessed this vulnerability solely on whether the service was running, so this may be a false positive. References: http://online.securityfocus.com/bid/4674 and http://www.cert.org/advisories/CA-2002-11.html. Platforms affected: Solaris 2.6, 7, 8 (SPARC and x86). |
| Recommendation | Disable the cachefsd RPC service if you do not use it (comment out the cachefsd service lines in /etc/inetd.conf), or upgrade to the appropriate fixed binaries listed in the Sun Alert Notification at http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F44309 |
| Related URL | CVE-2002-0033 (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | (ISS) |