rwhod Remote Denial of Service Vulnerability
BID:2473
Info
| Bugtraq ID: | 2473 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Mar 12 2001 12:00AM |
| Updated: | Mar 12 2001 12:00AM |
| Credit: | Mark Huizer is credited in the FreeBSD advisory FreeBSD-SA-01:29. |
| Vulnerable: | FreeBSD FreeBSD 4.2 -STABLEpre122300, FreeBSD FreeBSD 4.2 -RELEASE, FreeBSD FreeBSD 4.2, FreeBSD FreeBSD 4.1.1 -STABLE, FreeBSD FreeBSD 4.1.1 -RELEASE, FreeBSD FreeBSD 4.1.1, FreeBSD FreeBSD 4.1, FreeBSD FreeBSD 4.0 .x, FreeBSD FreeBSD 4.0, FreeBSD FreeBSD 3.5.1 -RELEASE, FreeBSD FreeBSD 3.5.1, FreeBSD FreeBSD 3.5 x, FreeBSD FreeBSD 3.5 -STABLEpre122300, FreeBSD FreeBSD 3.5, FreeBSD FreeBSD 3.4 x, FreeBSD FreeBSD 3.4, FreeBSD FreeBSD 3.3 x, FreeBSD FreeBSD 3.3, FreeBSD FreeBSD 3.2 x, FreeBSD FreeBSD 3.2, FreeBSD FreeBSD 3.1 x, FreeBSD FreeBSD 3.1, FreeBSD FreeBSD 3.0, FreeBSD FreeBSD 3.x, Apple Mac OS X 10.0.4, Apple Mac OS X 10.0.3, Apple Mac OS X 10.0.2, Apple Mac OS X 10.0.1, Apple Mac OS X 10.0 |
| Not Vulnerable: | FreeBSD FreeBSD 4.2 -STABLE, FreeBSD FreeBSD 3.5 -STABLE, Apple Mac OS X 10.1 |
Discussion
The rwhod daemon maintains status information of networked machines and serves this information to an rwho client. This daemon is vulnerable to a denial of service, which does NOT affect other processes (unless they are reliant upon rwhod data for proper functioning). The problem results from an inability to process unexpectedly short rwho data sent to the daemon over the network.
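The following C example, added here and not taken from the FreeBSD patch or the advisory, validates the length of a received rwho datagram before any field is read, which is the check a receiver needs against unexpectedly short data. The 60-byte header, 24-byte entry size, 42-entry limit and hostname offset are assumptions modelled on the classic BSD rwho packet layout, and all function and constant names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed wire layout (this example's assumption, modelled on the classic
 * BSD rwho packet): 60-byte fixed header, then 0..42 entries of 24 bytes. */
#define RWHO_HDR_LEN  60
#define RWHO_ENT_LEN  24
#define RWHO_MAX_ENTS 42
#define RWHO_HOST_OFF 12   /* hostname field: 32 bytes at offset 12 */
#define RWHO_HOST_LEN 32

enum rwho_check { RWHO_OK, RWHO_SHORT, RWHO_LONG, RWHO_RAGGED, RWHO_BADHOST };

/* Validate an n-byte datagram before any field is read. */
enum rwho_check rwho_validate(const unsigned char *buf, size_t n, size_t *nents)
{
    if (n < RWHO_HDR_LEN)
        return RWHO_SHORT;                 /* the case the advisory describes */
    if (n > RWHO_HDR_LEN + RWHO_MAX_ENTS * RWHO_ENT_LEN)
        return RWHO_LONG;
    if ((n - RWHO_HDR_LEN) % RWHO_ENT_LEN != 0)
        return RWHO_RAGGED;                /* trailing partial entry */
    if (memchr(buf + RWHO_HOST_OFF, '\0', RWHO_HOST_LEN) == NULL)
        return RWHO_BADHOST;               /* hostname not NUL-terminated */
    *nents = (n - RWHO_HDR_LEN) / RWHO_ENT_LEN;
    return RWHO_OK;
}

/* Build a constructed sample packet with `nents` zeroed entries. */
size_t rwho_sample(unsigned char *buf, size_t cap, size_t nents)
{
    size_t n = RWHO_HDR_LEN + nents * RWHO_ENT_LEN;
    if (nents > RWHO_MAX_ENTS || n > cap)
        return 0;
    memset(buf, 0, n);
    buf[0] = 1;                            /* version byte (constructed) */
    buf[1] = 1;                            /* type byte (constructed) */
    memcpy(buf + RWHO_HOST_OFF, "host.example", 12);
    return n;
}

int main(void)
{
    unsigned char pkt[RWHO_HDR_LEN + RWHO_MAX_ENTS * RWHO_ENT_LEN];
    size_t ents = 0, n = rwho_sample(pkt, sizeof pkt, 2);
    printf("full packet (%zu bytes): %d\n", n, rwho_validate(pkt, n, &ents));
    printf("truncated to 10 bytes:  %d\n", rwho_validate(pkt, 10, &ents));
    return 0;
}
```

A receiver that runs this check on the byte count returned by its receive call, and drops anything other than `RWHO_OK`, never indexes past the data it actually got.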
Solution / Fix
Solution:
Mac OS X v10.1 is not vulnerable to this issue. FreeBSD has released the following patch:
FreeBSD FreeBSD 3.5.1 -RELEASE
FreeBSD SA-01:29 rwhod.patch
According to the vendor, "This patch has been verified to apply to FreeBSD 4.2-RELEASE and FreeBSD 3.5.1-RELEASE. It may or may not apply to older releases."
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-01:29/rwhod.patch
FreeBSD FreeBSD 4.2 -RELEASE
FreeBSD SA-01:29 rwhod.patch
According to the vendor, "This patch has been verified to apply to FreeBSD 4.2-RELEASE and FreeBSD 3.5.1-RELEASE. It may or may not apply to older releases."
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-01:29/rwhod.patch