MS.Windows.Rshd.Server.Remote.Stack.Overflow
Description
This indicates an attempt to exploit a Stack Based Buffer Overflow in Mike Dubman's Windows RSH daemon.
The vulnerability is in the RSHD daemon (rshd.exe). It is caused by a boundary check error and can be exploited via an overly long, specially crafted packet sent to the default port 514/TCP.
Affected Products
Mike Dubman Windows RSH daemon (rshd) 1.7 and 1.8
Impact
System Compromise: Remote code execution.
Denial of service.
Recommended Actions
Workaround: Use Secure Shell (sshd) as a replacement for rshd.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-07-05 | 14.644 |