CERT® Advisory CA-1999-12 Buffer Overflow in amdOriginal release date: September 16, 1999
Last revised: --
A complete revision history is at the end of this file.
There is a buffer overflow vulnerability in the logging facility of the amd daemon.
This daemon automatically mounts file systems in response to attempts to access files that reside on those file systems. Similar functionality on some systems is provided by a daemon named automountd.
Systems that include automounter daemons based on BSD 4.x source code may also be vulnerable. A vulnerable implementation of amd is included in the am-utils package, provided with many Linux distributions.
Remote intruders can execute arbitrary code as the user running the amd daemon (usually root).
Install a patch from your vendor
Appendix A contains information provided by vendors for this advisory. We will update the appendix as we receive more information. If you do not see your vendor's name, the CERT/CC did not hear from that vendor. Please contact your vendor directly.
We will update this advisory as more information becomes available. Please check the CERT/CC Web site for the most current revision.
If you are unable to apply a patch for this problem, you can disable the amd daemon to prevent this vulnerability from being exploited. Disabling amd may prevent your system from operating normally.
BSDIBSD/OS 4.0.1 and 3.1 are both vulnerable to this problem if amd has been configured. The amd daemon is not started if it has not been configured locally. Mods (M410-017 for 4.0.1 and M310-057) are available via ftp from ftp://ftp.bsdi.com/bsdi/patches or via our web site at http://www.bsdi.com/support/patches
Compaq Computer Corporation
DG/UX is not vulnerable to this problem.
Erez Zadok (am-utils maintainer)The latest stable version of am-utils includes several important security fixes. To retrieve it, use anonymous ftp for the following URL
The MD5 checksum of the am-utils-6.0.1.tar.gz archive is
The simplest instructions to build, install, and run am-utils are as follows:
Please see the FreeBSD advisory at
FujitsuThis vulnerability is still under investigation by Fujitsu.
HP is not vulnerable.
AIX is not vulnerable. It does not ship the am-utils package.
OpenBSD is not vulnerable.
RedHat has released a security advisory on this topic. It is available from our ftp server at:
No SCO products are vulnerable.
SGI does not distribute am-utils in either IRIX or UNICOS operating systems.
Sun Microsystems, Inc.
SunOS - All versions are not vulnerable.
Solaris - All versions are not vulnerable.
The CERT Coordination Center would like to thank Erez Zadok, the maintainer of the am-utils package, for his assistance in preparing this advisory.
This document is available from: http://www.cert.org/advisories/CA-1999-12.html
CERT/CC Contact Information
Phone: +1 412-268-7090 (24-hour hotline)
Fax: +1 412-268-6989
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends.
We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from
If you prefer to use DES, please call the CERT hotline for more information.
Getting security information
CERT publications and other security information are available from our web site
* "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.
Conditions for use, disclaimers, and sponsorship information
Copyright 1999 Carnegie Mellon University.
Sep 16, 1999: Initial release