Vulnerabilities > CVE-2001-0779 - Unspecified vulnerability in SUN Solaris and Sunos
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 6 |
Exploit-Db
description | OpenServer 5.0.5/5.0.6,HP-UX 10/11,Solaris 2.6/7.0/8 rpc.yppasswdd Buffer Overrun. CVE-2001-0779. Remote exploit for unix platform |
id | EDB-ID:20879 |
last seen | 2016-02-02 |
modified | 2001-05-10 |
published | 2001-05-10 |
reporter | metaray |
source | https://www.exploit-db.com/download/20879/ |
title | OpenServer 5.0.5/5.0.6,HP-UX 10/11,Solaris 2.6/7.0/8 rpc.yppasswdd Buffer Overrun |
Nessus
NASL family | Gain a shell remotely |
NASL id | YPPASSWDD.NASL |
description | The remote RPC service 100009 (yppasswdd) is vulnerable to a buffer overflow which allows any user to obtain a root shell on this host. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10684 |
published | 2001-05-29 |
reporter | This script is Copyright (C) 2001-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10684 |
title | Solaris rpc.yppasswdd username Remote Overflow |
code |
|
Oval
accepted 2016-02-08T10:00:00.000-05:00 class vulnerability contributors name David Proulx organization The MITRE Corporation description Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username. family unix id oval:org.mitre.oval:def:102 status accepted submitted 2002-10-17T12:00:00.000-04:00 title Solaris 7 rpc.yppasswdd Buffer Overrun Vulnerability version 35 accepted 2016-02-08T10:00:00.000-05:00 class vulnerability contributors name David Proulx organization The MITRE Corporation description Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username. family unix id oval:org.mitre.oval:def:56 status accepted submitted 2002-08-30T12:00:00.000-04:00 title Solaris 8 rpc.yppasswdd Buffer Overrun Vulnerability version 35
References
- http://www.securityfocus.com/archive/1/187086
- http://www.securityfocus.com/bid/2763
- http://www.kb.cert.org/vuls/id/327281
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/209
- http://www.ciac.org/ciac/bulletins/m-008.shtml
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A56
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A102
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6629
- http://www.securityfocus.com/archive/1/200110041632.JAA28125%40dim.ucsd.edu