Intrusion Prevention

Sun.Solaris.IN.RWHOD.Code.Execution

Description

It indicate a possible exploit of buffer overflow vulnerability in the rwho daemon (in.rwhod) for Solaris that may allow remote attackers to execute arbitrary code via a rwhod message without a null terminator in wd_hostname.

Affected Products

Sun Solaris 9.0 _x86
Sun Solaris 9.0
Sun Solaris 8.0 _x86
Sun Solaris 8.0
Sun Solaris 7.0 _x86
Sun Solaris 7.0

Impact

execute arbitrary code

Recommended Actions

Sun has released patches to address this issue.
Sun Solaris 7.0 _x86
* Sun 118240-01
Sun Solaris 7.0
* Sun 118239-01
Sun Solaris 8.0 _x86
* Sun 116985-01
Sun Solaris 8.0
* Sun 116984-01
Sun Solaris 9.0 _x86
* Sun 117456-01
Sun Solaris 9.0
* Sun 117455-01

CVE References

CVE-2004-1351