A remote code execution vulnerability exists in the SMBv2 protocol that could allow a remote anonymous attacker to run code with the privileges of the logged-on user. The risk is MEDIUM. Could allow a remote anonymous attacker to run code with the privileges of the logged-on user.
I am mounting a shared drive from RHEL 6.3 system to Windows server 2008 R2 system and then copying files from RHEL system to Windows Server 2008 R2 system through a shell scripts.At present, Micro Soft declared SMBv1 as vulnerable.I am using "mount -t cifs" to mound the shared drive.
Can I use... (2 Replies)
Hi there,
I am trying to find info about the commonly used ports and how it can be vulnerable and to identify them?
For example, I would like to identify how to man-in-the-middle using these ports 21(FTP),22(SSH),23(TELNET), (1 Reply)
SNMP Vulnerability:
In a few minutes wire services and other news sources will begin
breaking a story about widespread vulnerabilities in SNMP (Simple
Network Management Protocol). Exploits of the vulnerability cause
systems to fail or to be taken over. The vulnerability can be found in... (1 Reply)
rexd(1M)rexd(1M)NAME
rexd - RPC-based remote execution server
SYNOPSIS
log_file] mountdir]
DESCRIPTION
is the RPC server for remote command execution. A is started by when a remote execution request is received (see inetd(1M)). exits when
command execution has completed.
If the user ID (uid) in the remote execution request is assigned to a user on the server, executes the command as that user. If no user on
the server is assigned to the uid, does not execute the command. The option and security file allow for better access control (see
inetd.sec(4)).
For noninteractive commands, standard output and error file descriptors are connected to sockets. Interactive commands use pseudo termi-
nals for standard input, output, and error (see pty(7)).
If the file system specified in the remote execution request is not already mounted on the server, uses NFS to mount the file system for
the duration of the command execution (see nfs(7)). mounts file systems with the and options. For more details on mount options see
mount(1M). If the server cannot mount the file system, an error message is returned to the client. By default, any mount points required
by are created below To change the default location, use the option.
Options
recognizes the following options and command-line arguments:
Log any diagnostic, warning, and error messages to
log_file. If log_file exists, appends messages to the file. If log_file does not exist, creates it. Messages are
not logged if the option is not specified.
Information logged to the file includes date and time of the error, host name, process ID and name of the function
generating the error, and the error message. Note that different RPC services can share a single log file because
enough information is included to uniquely identify each error.
Create temporary mount points below directory
mountdir. By default, creates temporary mount points below The directory mountdir should have read and execute per-
mission for all users (mode 555). Otherwise, denies execution for users that do not have read and execute permis-
sion.
Use increased security checking.
When started with the option, denies execution access to a client unless one of the following conditions is met:
o The name of the client host is in file on the server.
o The user on the server that is associated with the uid sent by the client has an entry in specifying the client
name on a line or the client name followed by at least one blank and the user's name.
For example, assume a user whose login name is is assigned to uid 7 on and executes the following command:
User on must have one of the following entries in
DIAGNOSTICS
The following is a subset of the messages that could appear in the log file if the option is used. Some of these messages are also
returned to the client.
was unable to
the user's current working file system. See for more details.
The path name
mountdir, under which temporary mount points are created, is not a directory or does not exist.
could not find
command.
was denied permission to execute
command.
The executable file is currently open for writing.
was unable to execute
command.
does not allow execution as user
The uid uid is not assigned to a user on the server.
was started with the
option and the remote execution request did not meet either of the conditions required by the option.
The host host on which the user's current working directory is located is not running Therefore, is unable to mount the required
file system (see mountd(1M)).
The host on which the client's current working directory is located
does not have the server on the export list for file system file_system containing the client's current working direc-
tory. Therefore, is unable to mount the required file system.
WARNINGS
The client's environment is simulated by but not completely recreated. The simulation of the client's environment consists of mounting the
file system containing the client's current working directory (if it is not already mounted) and setting the user's environment variables
on the server to be the same as the user's environment variables on the client. Therefore a command run by does not always have the same
effect as a command run locally on the client.
The protocol only identifies the client user by sending the uid of the client process and the host name of the client. Therefore, it is
very difficult for to perform user authentication. If a user on the server is assigned to the uid sent by the client, executes the
requested command as that user. If no user on the client is assigned to the uid sent by the client, returns an error.
The option has been added to provide increased user authentication. However, the authentication provided is not foolproof, and is limited
by the information passed by the protocol.
In order to simulate the client's environment, mounts the file system containing the client's current working directory (if it is not
already mounted). This mount is intended to be temporary for the duration of the command.
If mounts a file system, it attempts to the file system after the command has completed executing. However, if receives a signal (see sig-
nal(2)), the file system is not unmounted. The file system remains mounted until the superuser executes the appropriate command or the
server is rebooted.
attempt to umount the file system can also fail if the file system is busy. The file system is busy if it contains an open file or a
user's current working directory. The file system remains mounted until the superuser executes the appropriate command or the server is
rebooted.
For more information on security issues, see Security issues and their consequences should be considered before configuring to run on a
system.
FILES
master pseudo terminals
slave pseudo terminals
master pseudo terminals
slave pseudo terminals
configuration file for inetd(1M)
list of equivalent hosts
user's private equivalence list
temporary mount points for remote file systems where
xxxxx is a string of alpha numeric characters.
AUTHOR
was developed by Sun Microsystems, Inc.
SEE ALSO on(1), inetd(1M), mount(1M), dfstab(4), inetd.conf(4), inetd.sec(4).
Using and Administering NFS Services
rexd(1M)