|
|
Info |
Last Modified |
| 10 months ago |
|
|
|
|
Description |
The Unix daemon rpc.walld contains a flaw that may allow a malicious user to conduct social engineering attacks via spoofed messages. The issue is triggered when a user sends a message via the service, which checks to see if the message is being sent from a local or a remote user by examining whether stderr corresponds to a tty; if it does not, the program checks to see if the first five bytes of the message are "From:", and uses that string as the user from which the message will appear to have been sent. Thus, if a local user simply closes stderr and then sends their message, they can supply any username for the From: field, effectively allowing message spoofing that could result in a loss of integrity. If enough of these messages are sent in quick succession, a denial of service can be performed by filling users' screens and not allowing them to interact with the system.
|
|
Classification |
Location:
Local Access Required
Attack Type:
Denial of Service,
Input Manipulation
Impact:
Loss of Confidentiality,
Loss of Availability
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
|
|
Solution |
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: disable the rpc.walld service.
|
|
Products |
|
rpc.walld
 |
All Versions |
|
|
|
|
|
|
Credit |
Unknown or Incomplete
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
