Intrusion Prevention



This indicates a format string vulnerability in Sun Solaris rwall daemon (rpc.rwalld).
The rwall daemon is a utility in Sun Solaris that listens for remote wall requests on a network. There is a vulnerability in Solaris versions 2.6, 7, and 8 that allows remote attackers to execute arbitrary code on a target system by sending a specially-crafted string to rpc.rwalld.

Affected Products

Any unprotected Sun Solaris 2.6, 7 or 8 is vulnerable to the attack.


Attackers can execute arbitrary code on the system with root privileges.

Recommended Actions

Apply appropriate patches from Sun and/or upgrade the program to the latest non-vulnerable version from the following URL:

CVE References


Other References

1 1