Preface: rpc.cmsd overflowLogo -Internet Security Systems

rpc.cmsd overflow
advICE :Intrusions : 2001717
 FAQ
Oh my gosh, I'm being HACKED!!!
How do I report the hacker to my ISP?
I'm seeing lots of attacks, is this normal?
Summary

An attempt to overflow a buffer on the Calendar Manager service has been detected. This can be used to execute arbitrary commands on the attacked system.

Details

The rpc.cmsd is a calender/appointment scheduler service. It is enabled by default on Sun Solaris machines. It can be accessed through the "Calendar Manager" on the older Openwindows environment, or through the "Calender" program in the newer CDE environment.

A buffer overflow exploit in this service was responsible for widespread web-site defacements and DDoS attacks during the later part of 1999 and early 2000.

 more information
advICE: rpc.cmsd  
 
CERT: CA-99-08-cmsd  
 
CVE-1999-0696   Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd)
 
BugtraqID: 524   Multiple Vendor rpc.cmsd Buffer Overflow Vulnerability
 
CIAC: J-051  
 
X-Force: 2345   sun-cmsd-bo
  
 
Version appeared: 1.8.6
Privacy Policy |  Copyright Info