OSVDB ID: 11517

Title: Multiple Vendor NIS rpc.ypupdated YP Map Update Arbitrary Remote Command Execution

Info

Disclosure

Dec 12, 1994

Discovery

Unknown

Dates

Exploit

Dec 19, 1994

Solution

Unknown

Description

A command execution flaw exists in rpc.ypupdated. The update daemon fails to validate data passed to a MAP UPDATE request. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS, Upgrade
Exploit: Exploit Public, Exploit Commercial

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, multiple vendors have released a patch to address this vulnerability.

Products

Unknown or Incomplete

References

ISS X-Force ID: 110
Metasploit ID: 11517
Bugtraq ID: 1749
CVE ID: 1999-0208 (see also: NVD)
CERT: CA-1995-17 CA-95.17.rpc.ypupdated.vul
Vendor Specific Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/19951201-01-P
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1995_4/0125.html
Generic Exploit URL: http://www.saintcorporation.com/cgi-bin/exploit_info/ypupdated

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/11517