IRIX rpc.yppasswdd Unspecified Remote Overflow

high Nessus Plugin ID 11021

Synopsis

Arbitrary code may be run on the remote host.

Description

The remote RPC service #100009 (yppasswdd) is vulnerable to a buffer overflow which allows any user to obtain a root shell on this host.

Note: This issue is different than the one described in CVE-2002-0357 / SGI advisory #20020601-01-P.

Solution

Disable this service if you don't use it.

Plugin Details

Severity: High

ID: 11021

File Name: sgi_rpc_passwd.nasl

Version: 1.27

Type: remote

Family: RPC

Published: 6/8/2002

Updated: 8/13/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Vulnerability Information

Required KB Items: Settings/ParanoidReport, rpc/portmap

Excluded KB Items: rpc/yppasswd/sun_overflow

Vulnerability Publication Date: 6/1/2002

Detections

Analytics