Solaris rpc.rwalld Remote Format String Arbitrary Code Execution

This script is Copyright (C) 2002-2014 Tenable Network Security, Inc.

Synopsis :

An RPC service is running.

Description :

The rpc.walld RPC service is running. Some versions of this server
allow an attacker to gain root access remotely, by consuming the
resources of the remote host then sending a specially formed packet
with format strings to this host.

Solaris 2.5.1, 2.6, 7, 8 and 9 are vulnerable to this issue. Other
operating systems might be affected as well.

Nessus did not check for this vulnerability, so this might be a false

Solution :

Deactivate this service.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true

Family: RPC

Nessus Plugin ID: 10950 ()

Bugtraq ID: 4639

CVE ID: CVE-2002-0573

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now