Calendar Manager Version
Summary
rpc.cmsd, a desktop calendar manager program, can be exploited
through a buffer overflow attack. Some patched versions may also be
exploitable.
Impact
A remote intruder can execute commands as root if the buffer overflow
attack is successful.
The problem
The rpc.cmsd program (especially on Solaris 2.5.x and 2.6, and IRIX 6.x)
is exploitable for remote root access. Affected versions are vulnerable to
a buffer overflow attack in which a well-crafted pattern could execute
arbitrary commands as the root user.
Fix
- Where possible, disable rpc.cmsd in the inetd.conf file.
- Otherwise, patch the system to a version that is not vulnerable to
the buffer overflow attack. However, there are reports that even patched
versions may be vulnerable.
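
One way to carry out the first fix, as an added example that is not part of the original advisory: a script that lists active rpc.cmsd entries in an inetd.conf-style file and writes a copy with them commented out. The sample file contents and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an inetd.conf-style file for active rpc.cmsd entries
# and produce a copy with them commented out. Matching is on the daemon name.

# Constructed sample file (not taken from a real host).
cmsd_write_sample() {
    cat > "$1" <<'EOF'
# constructed sample inetd.conf
ftp stream tcp nowait root /usr/sbin/in.ftpd in.ftpd
100068/2-5 dgram rpc/udp wait root /usr/dt/bin/rpc.cmsd rpc.cmsd
#100068/2-4 dgram rpc/udp wait root /usr/openwin/bin/rpc.cmsd rpc.cmsd
EOF
}

# Print "line-number: entry" for every uncommented line that starts rpc.cmsd.
cmsd_active_entries() {
    awk '!/^[ \t]*#/ && /rpc\.cmsd/ { print NR ": " $0 }' "$1"
}

# Number of active rpc.cmsd entries (0 means inetd no longer offers the service).
cmsd_active_count() {
    cmsd_active_entries "$1" | wc -l | tr -d ' '
}

# Emit the file with each active rpc.cmsd entry commented out; other lines unchanged.
cmsd_disable() {
    awk '!/^[ \t]*#/ && /rpc\.cmsd/ { print "#" $0; next } { print }' "$1"
}

# Demo on the constructed sample. On a real host, review the output, install it
# over inetd.conf, then make inetd re-read its configuration (SIGHUP).
conf=$(mktemp) && fixed=$(mktemp)
cmsd_write_sample "$conf"
echo "active before: $(cmsd_active_count "$conf")"
cmsd_active_entries "$conf"
cmsd_disable "$conf" > "$fixed"
echo "active after:  $(cmsd_active_count "$fixed")"
rm -f "$conf" "$fixed"
```

An rpc.cmsd process that inetd already started keeps running after the entry is commented out, so check the process list as well.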
Other tips
This vulnerability has not been reported to the public by any of the
CERT organizations (as of 07/08/99).