Added: 03/12/2007
CVE: CVE-2001-0236
BID: 2417
OSVDB: 546
The SNMP to DMI mapper daemon (snmpXdmid) translates Simple Network Management Protocol (SNMP) events to Desktop Management Interface (DMI) indications and vice-versa.
snmpXdmid is affected by a buffer overflow vulnerability when a specially crafted indication event is translated into an SNMP trap. This could allow a remote attacker to execute arbitrary commands.
Apply one of the patches referenced in Sun Bulletin 00207 or disable snmpXdmid as shown in CERT Advisory 2001-05.
<http://www.cert.org/advisories/CA-2001-05.html>
There may be a delay before this exploit succeeds.
SunOS 5.7 / Solaris 7
SunOS 5.8 / Solaris 8