amd: This daemon automatically mounts file systems in response to
attempts to access files that reside on those file systems. Similar
functionality on some systems is provided by a daemon named automountd.
Linux and BSD oriented systems are especially vulnerable.
A remote intruder can execute commands as root if the buffer overflow
attack is successful.
The amd (or automountd) daemon is exploitable for remote root access.
Versions are vulnerable to a buffer overflow attack where a well crafted
pattern could execute arbitrary commands as the root user.
- Where possible, disable amd (or automountd) in inetd.conf file
or the appropriate init.d file.
- Otherwise, patch the system to a version that is not vulnerable to
the buffer overflow attack.
CA-99-12 advisory on this topic.