search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

ypbind contains buffer overflow

Vulnerability Note VU#121099

Original Release Date: 2002-03-29 | Last Revised: 2002-03-29

Overview

The daemon ypbind on Solaris and SunOS contains a buffer overflow vulnerability.

Description

A buffer overflow vulnerability has been discovered in ypbind, a daemon that runs on all client and server machines running Solaris and SunOS and set up to use a Network Information Server (NIS).

Impact

This vulnerability may be exploited by a local or a remote attacker to gain root access, and thus complete control of the victim host.

Solution

Apply the appropriates patches, available at:

http://sunsolve.sun.com/securitypatch

Refer to the following table to see which patch you should apply.

        OS Version          Patch ID        
        __________          _________
        SunOS 5.8           110322-01    
        SunOS 5.8_x86       110323-01    
        SunOS 5.7           108750-02    
        SunOS 5.7_x86       108751-02    
        SunOS 5.6           105403-04  
        SunOS 5.6_x86       105404-04    
        SunOS 5.5.1         105165-04  
        SunOS 5.5.1_x86     105166-04    
        SunOS 5.5           105169-04  
        SunOS 5.5_x86       105170-04    
        SunOS 5.4           101973-41  
        SunOS 5.4_x86       101974-41

None.

Vendor Information

121099
 
Expand all

Sun Unknown

Notified:  October 13, 2001 Updated: December 20, 2001

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.


CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

Thanks to Sun Microsystems for reporting this vulnerability.

This document was written by Shawn Van Ittersum.

Other Information

CVE IDs: None
Severity Metric: 14.05
Date Public: 2001-06-26
Date First Published: 2002-03-29
Date Last Updated: 2002-03-29 23:00 UTC
Document Revision: 10

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis