Published: 07/06/1999 Updated: 30/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

rpc.statd allows remote malicious users to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun solaris 2.6
sun sunos -
sun solaris 2.4
sun sunos 5.5.1
sun solaris 2.5.1
sun solaris 2.5
sun sunos 5.3
sun sunos 5.4

source: wwwsecurityfocuscom/bid/450/info The rpc service rpcstatd, shipped with all major versions of Sun's solaris, is the status monitoring service for NFS file locking The vulnerability lies in rpcstatd's ability to relay rpc calls to other rpc services without being validated by the access controls of the other rpc services This c ...

NVD-CWE-Other http://www.cert.org/advisories/CA-99-05-statd-automountd.html http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/186&type=0&nav=sec.sba http://www.ciac.org/ciac/bulletins/j-045.shtml http://www.securityfocus.com/bid/450 http://marc.info/?l=bugtraq&m=91547759121289&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/19327/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-1999-0493

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect