| VID |
17026 |
| Severity |
40 |
| Port |
111 |
| Protocol |
TCP,UDP |
| Class |
RPC |
| Detailed Description |
The fam RPC service is running. Several versions of this service have a well-known buffer oveflow condition that allows intruders to execute arbitrary commands as root on this system.
* References:
http://www.iss.net/security_center/static/325.php
http://packetstormsecurity.nl/advisories/nai/SNI-15.FAM.advisory |
| Recommendation |
Disable the 'fam' rpc service if it's not needed, or use it after asking to the vendor whether not to be vulnerable.
Solaris 10, Solaris 11, Enterprise Linux 6.4, CentOS 6.4, Fedora 19:
1. you become a root, and then stop the service like the following:
# rpcinfo -d [program num] [version num]
2. comment its entry by putting a # at the beginning of the line with 'fam' in /etc/rpc
3. # pkill -HUP (x)inetd |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
