remwatch daemon command execution 1.0
 
Plugin ID292
Plugin nameremwatch daemon command execution
Plugin filenameremwatch daemon command execution.plugin
Plugin filesize2071 bytes
Plugin familyBackdoors
Plugin created nameMarc Ruef
Plugin created emailmarc.ruef at computec.ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2005/01/04
Plugin version1.0
Plugin protocoltcp
Plugin port5556
Plugin procedure exploitopen|sleep|send 11T ;id\n|sleep|close|pattern_exists uid=
Plugin exploit accuracy98
Plugin commentThe NASL script is Copyright (C) 1999 Renaud Deraison
Bug affectedremwatch daemon
Bug vulnerability classConfiguration
Bug descriptionremwatch is installed and allows anyone to execute arbitrary commands. An attacker may issue shell commands as root by connecting to the remwatch daemon, and issue the command : ' 11T ; /bin/ksh'.
Bug solutionDeactivate the remwatch service. Contact your vendor for a patch.
Bug fixing timeApprox. 30 minutes
Bug exploit availabilityYes
Bug remoteYes
Bug localYes
Bug severityHigh
Bug popularity6
Bug simplicity9
Bug impact9
Bug risk8
Bug Nessus riskHigh
Bug check toolsNessus can check this flaw with the plugin 10202 (remwatch).
Source CVECAN-1999-0246
Source Nessus ID10202
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.