Solaris rpc.yppasswdd (yppasswd server)缓冲区溢出漏洞

Solaris rpc.yppasswdd (yppasswd server)缓冲区溢出漏洞

漏洞ID 1106343 漏洞类型 缓冲区溢出
发布时间 2001-05-10 更新时间 2005-05-02
图片[1]-Solaris rpc.yppasswdd (yppasswd server)缓冲区溢出漏洞-安全小百科CVE编号 CVE-2001-0779
图片[2]-Solaris rpc.yppasswdd (yppasswd server)缓冲区溢出漏洞-安全小百科CNNVD-ID CNNVD-200110-064
漏洞平台 Unix CVSS评分 10.0
|漏洞来源
https://www.exploit-db.com/exploits/20879
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200110-064
|漏洞详情
Solaris2.6,7和8版本中rpc.yppasswdd(yppasswdserver)存在缓冲区溢出漏洞。远程攻击者借助超长用户名获取根访问权限。
|漏洞EXP
source: http://www.securityfocus.com/bid/2763/info

The rpc.yppasswdd server is used to handle password change requests from yppasswd and modify the NIS password file.

A buffer overrun vulnerability has been discovered in the rpc.yppasswdd utility distributed by multiple vendors. The problem occurs due to insufficient bounds checking before copying remotely-supplied user information into a static memory buffer. As a result, a malicious user may be capable of exploiting this issue to overwrite sensitive locations in memory and thus execute arbitrary code with superuser privileges. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/20879.tar.gz
|参考资料

来源:US-CERTVulnerabilityNote:VU#327281
名称:VU#327281
链接:http://www.kb.cert.org/vuls/id/327281
来源:XF
名称:solaris-yppasswd-bo(6629)
链接:http://xforce.iss.net/static/6629.php
来源:BID
名称:2763
链接:http://www.securityfocus.com/bid/2763
来源:BUGTRAQ
名称:20011004PatchesforSolarisrpc.yppasswddavailable
链接:http://www.securityfocus.com/archive/1/[email protected]
来源:BUGTRAQ
名称:20010528solaris2.6,7yppasswdvulnerability
链接:http://www.securityfocus.com/archive/1/187086
来源:CIAC
名称:M-008
链接:http://www.ciac.org/ciac/bulletins/m-008.shtml
来源:SUN
名称:00209
链接:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc;=secbull/209
来源:USGovernmentResource:oval:org.mitre.oval:def:56
名称:oval:org.mitre.oval:def:56
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:56
来源:USGovernmentResource:oval:org.mitre.oval:def:102
名称:oval:org.mitre.oval:def:102
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:102

相关推荐: Trend Micro InterScan eManager Bcc Disclosure Vulnerability

Trend Micro InterScan eManager Bcc Disclosure Vulnerability 漏洞ID 1102190 漏洞类型 Design Error 发布时间 2002-04-24 更新时间 2002-04-24 CVE编号 N…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享