CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
68.4%
The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv and ypxfrd from properly restricting access to secure NIS maps, which allows local users to use ypcat or ypmatch to extract the contents of a secure map such as passwd.adjunct.byname.
Vendor | Product | Version | CPE |
---|---|---|---|
sun | patch_manager | 113579-02 | cpe:2.3:a:sun:patch_manager:113579-02:*:*:*:*:*:*:* |
sun | patch_manager | 113579-03 | cpe:2.3:a:sun:patch_manager:113579-03:*:*:*:*:*:*:* |
sun | patch_manager | 113579-04 | cpe:2.3:a:sun:patch_manager:113579-04:*:*:*:*:*:*:* |
sun | patch_manager | 113579-05 | cpe:2.3:a:sun:patch_manager:113579-05:*:*:*:*:*:*:* |
sun | patch_manager | 114342-02 | cpe:2.3:a:sun:patch_manager:114342-02:*:*:*:*:*:*:* |
sun | patch_manager | 114342-03 | cpe:2.3:a:sun:patch_manager:114342-03:*:*:*:*:*:*:* |
sun | patch_manager | 114342-04 | cpe:2.3:a:sun:patch_manager:114342-04:*:*:*:*:*:*:* |
sun | patch_manager | 114342-05 | cpe:2.3:a:sun:patch_manager:114342-05:*:*:*:*:*:*:* |