Added: 03/28/2008
CVE: CVE-1999-0208
BID: 1749
OSVDB: 11517
Network Information Service (NIS) is a distributed database that allows you to maintain consistent configuration files throughout your network. **rpc.ypupdated**
is an NIS service which is responsible for duplicating information from the master NIS server to slave servers.
A command injection vulnerability in **rpc.ypupdated**
allows remote attackers to execute arbitrary commands by sending an Update command with a map name containing invalid characters, which are interpreted by the shell when invoking the **make**
command.
Apply a patch from the vendor, or disable the **rpc.ypupdated**
service.
<http://secunia.com/advisories/29454/>
<http://www.cert.org/advisories/CA-1995-17.html>
Exploit works on Solaris 10 and requires the **rpc.ypupdated**
program to be running with the **-i**
option.
SunOS