Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:825275
HistoryOct 29, 2001 - 12:00 a.m.

NSI RWhoisd contains format string vulnerability in print_error()

2001-10-2900:00:00
www.kb.cert.org
17

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.5%

JSON

Overview

A remotely exploitable format string vulnerability exists in the Referral Whois server daemon (RWhoisd).

Description

As the Internet has grown, the centralized whois database was not able to scale. In order to deal with scaling the whois system, Referral Whois was developed. Referral Whois uses a de-centralized approach to housing and distributing the whois data.

Quoting from RFC 2167:

RWhois provides a distributed system for the discovery,retrieval, and maintenance of directory information. This system is primarily hierarchical by design. It allows for the deterministic routing of a query based on hierarchical tags, referring the user closer to the maintainer of the information. While RWhois can be considered a generic directory services protocol, it distinguishes itself from other protocols by providing an integrated, hierarchical architecture and query routing mechanism.

Because of a format string vulnerability in the print_error() function in the RWhois server code, an attacker can send specially crafted data to the RWhois server and overwrite certain areas of memory.

Impact

Exploitation of this vulnerability may lead to arbitrary code being executed with the privileges of the user running RWhoisd. The RWhois server can run as an unpriviledged user or root. These options are specified in the RWhois server configuration file.

Solution

Obtain a patch from your vendor.

Vendor Information

825275

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Arin __ Affected

Notified: October 25, 2001 Updated: October 29, 2001

Status

Affected

Vendor Statement

Please see <http://www.securityfocus.com/archive/1/[email protected]&gt;

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23825275 Feedback>).

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

<http://www.securityfocus.com/bid/3474&gt;

Acknowledgements

This document was written by Ian Finlay.

Other Information

CVE IDs: CVE-2001-0838
Severity Metric: 13.39 Date Public:

Related

nessus 1
cve 1
nessus
nessus
Network Solutions Rwhoisd -soa Command Remote Format String
2001-10-25 00:00:00
cve
cve
CVE-2001-0838
2001-12-06 05:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.5%

JSON
Related for VU:825275
nessus1cve1