rpc.statd format string exploit v1.24

Vulnerability exploited: CVE-2000-0666 - BID-1480

Category: Exploits/Remote

Exploits a syslog() format string vulnerability in the rpc.statd daemon.
The rpc.statd program passes user-supplied data to the syslog() function as the format string. Without input validation of this string, a malicious user can inject machine code that is executed with the privileges of the rpc.statd process, typically root. This is a one-shot exploit: it is able to attack a RedHat and a SuSE system in a 'one shot' attack.

Supported Systems:
    RedHat Linux 6.1 (i386)
    RedHat Linux 6.2 (i386)
    SuSE Linux 6.4 (i386)


This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks.