# Sun Solaris vulnerability: May 1



## eddie5659 (Mar 19, 2001)

Hiya

The rwall daemon (rpc.rwalld) is a utility that is used to listen for wall requests on the network. When a request is received, it calls wall, which sends the message to all terminals of a time-sharing system. A format string vulnerability may permit an intruder to execute code with the privileges of the rwall daemon. A proof of concept exploit is publicly available, but we have not seen active scanning or exploitation of this vulnerability.

Systems Affected
Sun Solaris 2.5.1, 2.6, 7, and 8

http://www.cert.org/advisories/CA-2002-10.html

Regards

eddie


----------

