Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> RPC >> dmisd service

Vulnerability Assessment Details

dmisd service

Vulnerability Assessment Summary
Checks the presence of a RPC service

Detailed Explanation for this Vulnerability Assessment

The dmisd RPC service is running.

This service uses the function xdr_array() of the RPC library.
It turns out that some older versions of the RPC library
are vulnerable to an integer overflow in this function,
which could permit a possible hacker to gain root rights on
this host.

*** No security hole regarding this program has been tested, so
*** this might be a false positive.

Solution : We suggest that you disable this service.
See also : http://www.cert.org/advisories/CA-2002-25.html
Network Security Threat Level: High

Networks Security ID: 5356

Vulnerability Assessment Copyright: This script is Copyright (C) 2003 Renaud Deraison

Cables, Connectors