7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.013 Low
EPSS
Percentile
85.5%
A remotely exploitable format string vulnerability exists in the Referral Whois server daemon (RWhoisd).
As the Internet has grown, the centralized whois database was not able to scale. In order to deal with scaling the whois system, Referral Whois was developed. Referral Whois uses a de-centralized approach to housing and distributing the whois data.
Quoting from RFC 2167:
RWhois provides a distributed system for the discovery,retrieval, and maintenance of directory information. This system is primarily hierarchical by design. It allows for the deterministic routing of a query based on hierarchical tags, referring the user closer to the maintainer of the information. While RWhois can be considered a generic directory services protocol, it distinguishes itself from other protocols by providing an integrated, hierarchical architecture and query routing mechanism.
Because of a format string vulnerability in the print_error() function in the RWhois server code, an attacker can send specially crafted data to the RWhois server and overwrite certain areas of memory.
Exploitation of this vulnerability may lead to arbitrary code being executed with the privileges of the user running RWhoisd. The RWhois server can run as an unpriviledged user or root. These options are specified in the RWhois server configuration file.
Obtain a patch from your vendor.
825275
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: October 25, 2001 Updated: October 29, 2001
Affected
Please see <http://www.securityfocus.com/archive/1/[email protected]>
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23825275 Feedback>).
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
<http://www.securityfocus.com/bid/3474>
This document was written by Ian Finlay.
CVE IDs: | CVE-2001-0838 |
---|---|
Severity Metric: | 13.39 Date Public: |