1. CVE-Search
  2. CVE-2001-0779
ID CVE-2001-0779
Summary Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username.
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
    cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 30-10-2018 - 16:26)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
oval via4
  • accepted 2016-02-08T10:00:00.000-05:00
    class vulnerability
    contributors
    name David Proulx
    organization The MITRE Corporation
    description Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username.
    family unix
    id oval:org.mitre.oval:def:102
    status accepted
    submitted 2002-10-17T12:00:00.000-04:00
    title Solaris 7 rpc.yppasswdd Buffer Overrun Vulnerability
    version 35
  • accepted 2016-02-08T10:00:00.000-05:00
    class vulnerability
    contributors
    name David Proulx
    organization The MITRE Corporation
    description Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username.
    family unix
    id oval:org.mitre.oval:def:56
    status accepted
    submitted 2002-08-30T12:00:00.000-04:00
    title Solaris 8 rpc.yppasswdd Buffer Overrun Vulnerability
    version 35
refmap via4
bid 2763
bugtraq
  • 20010528 solaris 2.6, 7 yppasswd vulnerability
  • 20011004 Patches for Solaris rpc.yppasswdd available
cert-vn VU#327281
ciac M-008
sun 00209
sunbug 4456994
xf solaris-yppasswd-bo(6629)
Last major update 30-10-2018 - 16:26
Published 18-10-2001 - 04:00
Last modified 30-10-2018 - 16:26
Back to Top