The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote malicious users to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sco openserver 5.0.5 |
||
sco openserver 5.0.6 |
||
sco openserver 5.0.6a |
||
sun sunos 5.7 |
||
caldera openlinux 2.2 |
||
sun sunos 5.8 |
||
sun solaris 9.0 |
||
caldera openlinux 2.3 |
||
caldera openlinux 2.4 |