Calendar Manager Version


rpc.cmsd: A desktop calendar manager program, rpc.cmsd can be exploited through a buffer overflow attack. Possibly, some patched versions are exploitable.


A remote intruder can execute commands as root if the buffer overflow attack is successful.

The problem

The rpc.cmsd program (especially Solaris 2.5.x and 2.6, and IRIX 6.x) is exploitable for remote root access. Versions are vulnerable to a buffer overflow attack where a well crafted pattern could execute arbitrary commands as the root user


Other tips

CVE Reference(s):