search menu icon-carat-right cmu-wordmark

CERT Coordination Center

SGI IRIX contains vulnerability in rpc.passwd allowing for root compromise

Vulnerability Note VU#430419

Original Release Date: 2002-07-11 | Last Revised: 2002-07-11

Overview

There is a vulnerability in rpc.passwd that could allow root compromise.

Description

/usr/etc/rpc.passwd, part of the nfs.sw.nis subsystem on IRIX 6.5, could permit a root compromise. No other details are available.

Impact

Intruders could gain root access.

Solution

Apply a patch as described by SGI. See the SGI vendor statement below for additional information.

Vendor Information

430419
 

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

Thanks to SGI for reporting this vulnerability.

This document was written by Shawn V Hernan based on information provided by SGI.

Other Information

CVE IDs: CVE-2002-0357
Severity Metric: 0.75
Date Public: 2002-06-04
Date First Published: 2002-07-11
Date Last Updated: 2002-07-11 21:12 UTC
Document Revision: 7

Sponsored by CISA.