Sun Solaris Command Injection Vulnerability
 |
 |
 |
 |
Overview
(CVE-1999-0208, CA-1995-17)
This vulnerability results from the way that Sun Solaris handles RPC requests.
Details
Sun Solaris provides its Network Information Service (NIS) services through the SUN-RPC remote procedure call mechanism. One of these services, rpc.ypupdated, is used to exchange NIS information from a network-based client using various methods of authentication. Clients connect to rpc.ypupdated and provide authentication information and proposed changes to an NIS database. If authenticated, the information provided is used to update the selected NIS database.
The vulnerability is due to an error in the Sun Solaris rpc.ypupdated (Sun Advisory #238365) service that fails to properly validate user input when processing RPC requests. A remote attacker may exploit this vulnerability via a specially-crafted RPC request sent to the vulnerable host. Successful exploitation may allow execution of arbitrary commands on a vulnerable NIS machine.Protection
SmartDefense detects and blocks malformed RPC requests sent to the vulnerable service.
To activate the protection
You can configure this protection in SmartDashboard.
- Click the SmartDefense tab.
- Click Application Intelligence > Sun-RPC.
- Activate the protection: Sun Solaris rpc.ypupdated Command Injection.