Vulnerabilities > CVE-2006-3664 - Denial of Service vulnerability in Sun Solaris NIS Server YPServ
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 allows local and remote attackers to cause a denial of service (ypserv hang) via unknown vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 11 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS9_X86_114342.NASL description SunOS 5.9_x86: ypserv/ypxfrd/rpc.yppasswdd. Date this patch was last updated by Sun : Feb/20/07 last seen 2016-09-26 modified 2011-09-18 plugin id 13598 published 2004-07-12 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=13598 title Solaris 9 (x86) : 114342-12 code #%NASL_MIN_LEVEL 999999 # @DEPRECATED@ # # This script has been deprecated as the associated patch is not # currently a recommended security fix. # # Disabled on 2011/09/17. # # (C) Tenable Network Security, Inc. # # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(13598); script_version("1.26"); script_name(english: "Solaris 9 (x86) : 114342-12"); script_cve_id("CVE-2006-3664"); script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 114342-12"); script_set_attribute(attribute: "description", value: 'SunOS 5.9_x86: ypserv/ypxfrd/rpc.yppasswdd. Date this patch was last updated by Sun : Feb/20/07'); script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date."); script_set_attribute(attribute: "see_also", value: "https://getupdates.oracle.com/readme/114342-12"); script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_publication_date", value: "2004/07/12"); script_cvs_date("Date: 2018/08/13 14:32:38"); script_set_attribute(attribute:"vuln_publication_date", value: "2006/07/13"); script_end_attributes(); script_summary(english: "Check for patch 114342-12"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc."); family["english"] = "Solaris Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Solaris/showrev"); exit(0); } # Deprecated. exit(0, "The associated patch is not currently a recommended security fix."); include("solaris.inc"); e += solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114342-12", obsoleted_by:"115696-02 ", package:"SUNWhea", version:"11.9.0,REV=2002.11.04.02.51"); e += solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114342-12", obsoleted_by:"115696-02 ", package:"SUNWnisu", version:"11.9.0,REV=2002.11.04.02.51"); e += solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114342-12", obsoleted_by:"115696-02 ", package:"SUNWypr", version:"11.9.0,REV=2002.11.04.02.51"); e += solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114342-12", obsoleted_by:"115696-02 ", package:"SUNWypu", version:"11.9.0,REV=2002.11.04.02.51"); if ( e < 0 ) { if ( NASL_LEVEL < 3000 ) security_warning(0); else security_warning(port:0, extra:solaris_get_report()); exit(0); } exit(0, "Host is not affected");
NASL family Solaris Local Security Checks NASL id SOLARIS10_123186.NASL description SunOS 5.10: NIS yp utilities patch. Date this patch was last updated by Sun : Sep/02/08 last seen 2018-09-01 modified 2018-08-13 plugin id 22061 published 2006-07-18 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=22061 title Solaris 10 (sparc) : 123186-03 code #%NASL_MIN_LEVEL 80502 # @DEPRECATED@ # # This script has been deprecated as the associated patch is not # currently a recommended security fix. # # Disabled on 2011/09/17. # # (C) Tenable Network Security, Inc. # # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(22061); script_version("1.23"); script_name(english: "Solaris 10 (sparc) : 123186-03"); script_cve_id("CVE-2006-3664"); script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 123186-03"); script_set_attribute(attribute: "description", value: 'SunOS 5.10: NIS yp utilities patch. Date this patch was last updated by Sun : Sep/02/08'); script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date."); script_set_attribute(attribute: "see_also", value: "https://getupdates.oracle.com/readme/123186-03"); script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_publication_date", value: "2006/07/18"); script_cvs_date("Date: 2019/10/25 13:36:23"); script_set_attribute(attribute:"vuln_publication_date", value: "2006/07/13"); script_end_attributes(); script_summary(english: "Check for patch 123186-03"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc."); family["english"] = "Solaris Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Solaris/showrev"); exit(0); } # Deprecated. exit(0, "The associated patch is not currently a recommended security fix.");
NASL family Solaris Local Security Checks NASL id SOLARIS8_X86_109329.NASL description SunOS 5.8_x86: ypserv, ypxfr and ypxfrd patch. Date this patch was last updated by Sun : Feb/20/07 last seen 2020-06-01 modified 2020-06-02 plugin id 13430 published 2004-07-12 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/13430 title Solaris 8 (x86) : 109329-07 NASL family Solaris Local Security Checks NASL id SOLARIS9_113579.NASL description SunOS 5.9: ypserv/ypxfrd patch. Date this patch was last updated by Sun : Feb/20/07 last seen 2016-09-26 modified 2011-09-18 plugin id 13542 published 2004-07-12 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=13542 title Solaris 9 (sparc) : 113579-12 NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_122078.NASL description SunOS 5.10_x86: NIS yp utilities patch. Date this patch was last updated by Sun : Sep/02/08 last seen 2018-09-01 modified 2018-08-13 plugin id 22062 published 2006-07-18 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=22062 title Solaris 10 (x86) : 122078-04 NASL family Solaris Local Security Checks NASL id SOLARIS8_109328.NASL description SunOS 5.8: ypserv, ypxfr and ypxfrd patch. Date this patch was last updated by Sun : Feb/20/07 last seen 2020-06-01 modified 2020-06-02 plugin id 13322 published 2004-07-12 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/13322 title Solaris 8 (sparc) : 109328-07
Oval
accepted | 2007-09-27T08:57:42.566-04:00 | ||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||
description | Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 allows local and remote attackers to cause a denial of service (ypserv hang) via unknown vectors. | ||||||||||||||||||||||||
family | unix | ||||||||||||||||||||||||
id | oval:org.mitre.oval:def:1921 | ||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||
submitted | 2007-08-10T12:25:27.000-04:00 | ||||||||||||||||||||||||
title | Security Vulnerability With NIS server ypserv(1M) May Allow a Denial of Service (DoS) to Occur | ||||||||||||||||||||||||
version | 35 |
References
- http://secunia.com/advisories/21047
- http://securitytracker.com/id?1016494
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102462-1
- http://www.securityfocus.com/bid/18972
- http://www.vupen.com/english/advisories/2006/2799
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27722
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1921