Test ID:	1.3.6.1.4.1.25623.1.0.80035
Category:	Gain a shell remotely
Title:	yppasswdd overflow
Summary:	The remote RPC service 100009 (yppasswdd) is vulnerable; to a buffer overflow which allows any user to obtain a root shell on this host.
Description:	Summary: The remote RPC service 100009 (yppasswdd) is vulnerable to a buffer overflow which allows any user to obtain a root shell on this host. Solution: Disable this service if you don't use it, or contact Sun for a patch. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2001-0779 BugTraq ID: 2763 http://www.securityfocus.com/bid/2763 Bugtraq: 20010528 solaris 2.6, 7 yppasswd vulnerability (Google Search) http://www.securityfocus.com/archive/1/187086 Bugtraq: 20011004 Patches for Solaris rpc.yppasswdd available (Google Search) http://www.securityfocus.com/archive/1/200110041632.JAA28125@dim.ucsd.edu CERT/CC vulnerability note: VU#327281 http://www.kb.cert.org/vuls/id/327281 Computer Incident Advisory Center Bulletin: M-008 http://www.ciac.org/ciac/bulletins/m-008.shtml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A102 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A56 Sun Security Bulletin: 00209 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/209 Sun Bug ID: 4456994 XForce ISS Database: solaris-yppasswd-bo(6629) https://exchange.xforce.ibmcloud.com/vulnerabilities/6629
Copyright	Copyright (C) 2008 Renaud Deraison

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.