This script is Copyright (C) 2001-2013 Tenable Network Security, Inc.
Arbitrary code may be run on the remote server.
The remote rwhois daemon is vulnerable to a format string attack when
supplied malformed arguments to a malformed request (such as %p%p%p).
An attacker may use this flaw to gain a shell on this host.
*** Note that Nessus solely relied on the banner version to
*** issue this warning. If you manually patched rwhoisd, you
*** may not be vulnerable to this flaw
Disable this service or upgrade to version 22.214.171.124 or newer
Risk factor :
High / CVSS Base Score : 7.5
Family: Gain a shell remotely
Nessus Plugin ID: 10804 ()
CVE ID: CVE-2001-0913
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.