{"vuid":"VU#121099","idnumber":"121099","name":"ypbind contains buffer overflow","keywords":["ypbind","buffer overflow","SunOS","Solaris","Sun","NIS"],"overview":"The daemon ypbind on Solaris and SunOS contains a buffer overflow vulnerability.","clean_desc":"A buffer overflow vulnerability has been discovered in ypbind, a daemon that runs on all client and server machines running Solaris and SunOS and set up to use a Network Information Server (NIS).","impact":"This vulnerability may be exploited by a local or a remote attacker to gain root access, and thus complete control of the victim host.","resolution":"Apply the appropriates patches, available at: http://sunsolve.sun.com/securitypatch Refer to the following table to see which patch you should apply. OS Version          Patch ID SunOS 5.8           110322-01    \n        SunOS 5.8_x86       110323-01    \n        SunOS 5.7           108750-02    \n        SunOS 5.7_x86       108751-02    \n        SunOS 5.6           105403-04   \n        SunOS 5.6_x86       105404-04    \n        SunOS 5.5.1         105165-04   \n        SunOS 5.5.1_x86     105166-04    \n        SunOS 5.5           105169-04   \n        SunOS 5.5_x86       105170-04    \n        SunOS 5.4           101973-41   \n        SunOS 5.4_x86       101974-41","workarounds":"None.","sysaffected":"","thanks":"Thanks to Sun Microsystems for reporting this vulnerability.","author":"This document was written by Shawn Van Ittersum.","public":["http://sunsolve.sun.com/security","http://sunsolve.sun.com/securitypatch","http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/203&type=0&nav=sec.sba","http://xforce.iss.net/static/6828.php"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-10-13T23:23:16Z","publicdate":"2001-06-26T19:55:36Z","datefirstpublished":"2002-03-29T23:00:36Z","dateupdated":"2002-03-29T23:00:47Z","revision":10,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"14","cam_population":"10","cam_impact":"19","cam_easeofexploitation":"8","cam_attackeraccessrequired":"17","cam_scorecurrent":"14.0505","cam_scorecurrentwidelyknown":"16.473","cam_scorecurrentwidelyknownexploited":"26.163","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":14.0505,"vulnote":null}