NSI Rwhoisd Remote Format String Vulnerability

NSI Rwhoisd Remote Format String Vulnerability

Rwhoisd is a publicly available RWHOIS server daemon for Unix based systems developed and maintained by Network Solutions Inc.

Rwhoisd contains a remotely exploitable format string vulnerability. It is possible to overwrite memory by if a client supplies malicious format specifiers as the argument to the '-soa' directive.

Attackers may be able to execute arbitrary code on affected hosts.