nis software vulnerabilities
vulnerabilities.aspcode.net
Searching nis software vulnerabilities
The permissions for a system-critical NIS+ table (e.g. passwd) are inappropriate.
A component service related to NIS is running.
A component service related to NIS+ is running.
The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches.
CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.
Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries.
Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write permissions on source files for NIS maps, which could allow local users to gain privileges by modifying /etc/passwd.
Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links when updating an NIS database, which allows local users to overwrite arbitrary files.
The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via a UDP port scan.
ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block.
The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv and ypxfrd from properly restricting access to secure NIS maps, which allows local users to use ypcat or ypmatch to extract the contents of a secure map such as passwd.adjunct.byname.
Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges.
Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors.
Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions sends the NIS password map (passwd.nis) as a file attachment in diagnostic e-mail messages, which allows remote attackers to obtain the cleartext NIS password hashes.
PADL MigrationTools 46, when a failure occurs, stores contents of /etc/shadow in a world-readable /tmp/nis.$$.ldif file, and possibly other sensitive information in other temporary files, which are not properly managed by (1) migrate_all_online.sh, (2) migrate_all_offline.sh, (3) migrate_all_netinfo_online.sh, (4) migrate_all_netinfo_offline.sh, (5) migrate_all_nis_online.sh, (6) migrate_all_nis_offline.sh, (7) migrate_all_nisplus_online.sh, and (8) migrate_all_nisplus_offline.sh.
PADL MigrationTools 46 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the temporary files, which are not properly created by (1) migrate_all_online.sh, (2) migrate_all_offline.sh, (3) migrate_all_netinfo_online.sh, (4) migrate_all_netinfo_offline.sh, (5) migrate_all_nis_online.sh, (6) migrate_all_nis_offline.sh, (7) migrate_all_nisplus_online.sh, and (8) migrate_all_nisplus_offline.sh.
Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 allows local and remote attackers to cause a denial of service (ypserv hang) via unknown vectors.
Software vulnerabilities results 1 to 18 of 18