CVE-2010-1039

Name of the Vulnerable Software and Affected Versions IBM AIX versions 6.1, 5.3 and earlier IBM VIOS versions 2.1, 1.5 and earlier NFS/ONCplus B.11.31 09 and earlier on HP HP-UX versions B.11.11, B.11.23, and B.11.31 SGI IRIX version 6.5

Description The issue allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. This is due to a format string vulnerability in the msgout function in rpc.pcnfsd.

Recommendations For IBM AIX versions 6.1, 5.3 and earlier, update to a version that fixes the format string vulnerability in the msgout function. For IBM VIOS versions 2.1, 1.5 and earlier, update to a version that fixes the format string vulnerability in the msgout function. For NFS/ONCplus B.11.31 09 and earlier on HP HP-UX versions B.11.11, B.11.23, and B.11.31, update to a version that fixes the format string vulnerability in the msgout function. For SGI IRIX version 6.5, update to a version that fixes the format string vulnerability in the msgout function.