Calendar Manager Service Rpc.cmsd Service Detection Network Vulnerability

Summary

This script detects the running 'rpc.cmsd' service on the host.

Impact

Successful exploitation could allow attackers to execute arbitrary code with the privileges of the rpc.cmsd daemon, typically root. With some configurations rpc.cmsd runs with an effective userid of daemon, while retaining root privileges. Impact Level: System

Solution

HEWLETT-PACKARD and Sun Microsystems, Inc have released a patch to fix this issue, please refer below link for more information. http://www.securityfocus.com/advisories/1691 http://www.securityfocus.com/advisories/1721 For other distributions please contact your vendor.

Insight

The flaw is due to error in the 'rpc.cmsd' service. If this service is running then disable it as it may become a security issue.

References

http://www.cert.org/advisories/CA-99-08-cmsd.html
http://www.iss.net/security_center/reference/vuln/sun-cmsd-bo.htm
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9908-102

Updated on 2015-03-25

Severity

Classification

CVE CVE-1999-0320, CVE-1999-0696

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Sun rpc.cmsd overflow
rpc.ypupdated remote execution
Calendar Manager Service rpc.cmsd Service Detection
Nfs-utils rpc.statd Multiple Remote Format String Vulnerabilities
CDE ToolTalk RPC Database Server Multiple Vulnerabilities

Take action and discover your vulnerabilities