Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
APP:DISTCC-EXEC |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Distributed C Compiler Vulnerability |
Release Date |
2005/03/18 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
APP: Distributed C Compiler Vulnerability
This signature detects attempts to exploit a known vulnerability in the Distributed C Compilation system implemented in Samba Distcc and Apple XCode. A successful attack can allow an attacker to remotely execute arbitrary commands.
Extended Description
The access controls for the 'distcc' program may malfunction under certain circumstances and may not be enforced. A remote attacker may potentially exploit this vulnerability to access the affected 'distcc' service, regardless of access-control rules that are set in place. This vulnerability is addressed in 'distcc' 2.16.
Affected Products
- Distcc distcc 2.10.0
- Distcc distcc 2.11.0
- Distcc distcc 2.12.0
- Distcc distcc 2.13.0
- Distcc distcc 2.14.0
- Distcc distcc 2.15.0
- Distcc distcc 2.7.0
- Distcc distcc 2.9.0
References
- BugTraq: 11319
- CVE: CVE-2004-0601
- CVE: CVE-2004-2687
- URL: http://distcc.samba.org/index.html
- URL: http://www.securityfocus.com/bid/11319
- URL: http://distcc.samba.org/security.html