Intrusion Prevention

Sun.Solaris.rpc.ypupdated.Remote.Command.Execution

Description

This indicates an attempt to exploit remote command execution vulnerability in the "rpc.yupdated" deamon.
This daemon is the update daemon in Yellow Pages (YP) or Network Information Service (NIS). Due to insufficient user input validation, a remote attacker can execute arbitrary commands with root privileges on a target system.

Affected Products

Sun SunOS 4.1.4 -JL
Sun SunOS 4.1.4
Sun SunOS 4.1.3 c
Sun SunOS 4.1.3 _U1
Sun SunOS 4.1.3
Sun SunOS 4.1.2
Sun SunOS 4.1.1
Sun SunOS 4.1 PSR_A
Sun SunOS 4.1
Sun Solaris 9
Sun Solaris 8
Sun Solaris 10
SGI IRIX 6.0.1 XFS
SGI IRIX 6.0.1
SGI IRIX 6.0
SGI IRIX 5.3 XFS
SGI IRIX 5.3
SGI IRIX 5.2
SGI IRIX 5.1.1
SGI IRIX 5.1
SGI IRIX 5.0.1
SGI IRIX 5.0
SGI IRIX 4.0.5 IPR
SGI IRIX 4.0.5 H
SGI IRIX 4.0.5 G
SGI IRIX 4.0.5 F
SGI IRIX 4.0.5 E
SGI IRIX 4.0.5 D
SGI IRIX 4.0.5 A
SGI IRIX 4.0.5 (IOP)
SGI IRIX 4.0.5
SGI IRIX 4.0.4 T
SGI IRIX 4.0.4 B
SGI IRIX 4.0.4
SGI IRIX 4.0.3
SGI IRIX 4.0.2
SGI IRIX 4.0.1 T
SGI IRIX 4.0.1
SGI IRIX 4.0
SGI IRIX 3.3.3
SGI IRIX 3.3.2
SGI IRIX 3.3.1
SGI IRIX 3.3
SGI IRIX 3.2
NEC UX/4800 (64)
NEC UP-UX/V (Rel4.2MP)
NEC EWS-UX/V (Rel4.2MP)
NEC EWS-UX/V (Rel4.2)
IBM AIX 4.1
IBM AIX 3.2
HP HP-UX 10.20
HP HP-UX 10.10
HP HP-UX 10.1 0
HP HP-UX B.11.23
HP HP-UX B.11.22
HP HP-UX B.11.11
HP HP-UX B.11.11
HP HP-UX B.11.00

Impact

System Compromise: attackers can execute arbitrary command on the affected system.

Recommended Actions

Apply appropriate patches and/or upgrade the program to the latest non-vulnerable version.

CVE References

CVE-1999-0208

Other References

1