Automounter Version
Summary
amd: This daemon automatically mounts file systems in response to
attempts to access files that reside on those file systems. Similar
functionality on some systems is provided by a daemon named automountd.
Linux- and BSD-oriented systems are especially vulnerable.
Impact
A remote intruder can execute commands as root if the buffer overflow
attack is successful.
The problem
The amd (or automountd) daemon is exploitable for remote root access.
Vulnerable versions are subject to a buffer overflow attack in which a
well-crafted pattern can execute arbitrary commands as the root user.
Fix
- Where possible, disable amd (or automountd) in the inetd.conf file
or the appropriate init.d file.
- Otherwise, patch the system to a version that is not vulnerable to
the buffer overflow attack.
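
For the inetd.conf part of the first fix, the following added example (not part of the original advisory or of any vendor tooling) lists active amd/automountd entries and produces a copy of the file with them commented out. The field layout, the function names and the sample entries are assumptions made for illustration; init.d start scripts are not covered.

```shell
#!/bin/sh
# Added example: audit an inetd.conf-style file for active automounter entries.
# Assumed field layout: service socket proto wait user server-path argv0 args...

# Shared awk helpers. hit() is true for an uncommented entry whose server
# path (field 6) or argv0 (field 7, relevant behind a wrapper) is the daemon.
AWK_MATCH='
function base(p,  a, n) { n = split(p, a, "/"); return a[n] }
function hit() {
    if ($0 ~ /^[ \t]*#/ || NF < 6) return 0
    return base($6) ~ /^(amd|automountd)$/ || base($7) ~ /^(amd|automountd)$/
}
'

# Print "lineno: entry" for every active amd/automountd entry in file $1.
active_automounter_entries() {
    awk "$AWK_MATCH"'hit() { print NR ": " $0 }' "$1"
}

# Write a copy of file $1 to stdout with those entries commented out.
disable_automounter_entries() {
    awk "$AWK_MATCH"'hit() { print "#" $0; next } { print }' "$1"
}

# Constructed sample input (not taken from a real host).
sample_inetd_conf() {
    cat <<'EOF'
# constructed sample inetd.conf
ftp       stream  tcp            nowait  root  /usr/sbin/tcpd  in.ftpd -l
amd/1     dgram   rpc/udp        wait    root  /usr/sbin/amd   amd
#autofs/1 tli     rpc/ticotsord  wait    root  /usr/lib/autofs/automountd automountd
autofs/1  tli     rpc/ticotsord  wait    root  /usr/sbin/tcpd  automountd
EOF
}

# Usage: sh audit.sh /etc/inetd.conf
if [ -n "${1:-}" ]; then
    active_automounter_entries "$1"
fi
```

After an edited file is installed, inetd has to re-read its configuration (it does so on SIGHUP) before the entry stops being served.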
Other tips
CERT released advisory CA-99-12 on this topic.