MS.Windows.Rshd.Server.Remote.Stack.Overflow

description-logoDescription

This indicates an attempt to exploit a Stack Based Buffer Overflow in Mike Dubman's Windows RSH daemon.
The vulnerability is in the RSHD daemon (rshd.exe). It is caused by a boundary check error and can be exploited via an overly long, specially crafted packet sent to the default port 514/TCP.

affected-products-logoAffected Products

Mike Dubman Windows RSH daemon (rshd) 1.7 and 1.8

Impact logoImpact

System Compromise: Remote code execution.
Denial of service.

recomended-action-logoRecommended Actions

Workaround: Use Secure Shell (sshd) as a replacement for rshd.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-07-05 14.644