rpc.nisd buffer overflow in Solaris

Risk Level: High

Check or Attack Name: NISd Buffer Overflow

Platforms: Solaris 2.3, Solaris 2.4, Solaris 2.5, Solaris 2.5.1, Solaris 2.6, Solaris 2.5 x86, Solaris 2.5.1 x86, Solaris 2.6 x86, Solaris 2.4 x86

Description:

The Solaris rpc.nisd daemon contains a buffer overflow vulnerability that could allow a remote attacker to gain root privileges.

Remedy:

Immediately obtain and install the following patches from Sun:

  • Solaris 2.6: 105401-13
  • Solaris 2.6_x86: 105402-13
  • Solaris 2.5.1: 103612-41
  • Solaris 2.5.1_x86: 103613-41
  • Solaris 2.5: 103187-38
  • Solaris 2.5_x86: 103188-38
  • Solaris 2.4: 101973-35
  • Solaris 2.4_x86: 101974-35
  • Solaris 2.3: 101318-91
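
One way to verify the remedy on a host, as an added example (not part of the original advisory or of Sun's tooling): the script compares saved `showrev -p` output against the minimum patch revisions listed above. The function names and the `<release>_<arch>` keys are this example's own, it assumes a POSIX shell, and the sample input is constructed.

```shell
#!/bin/sh
# Added example. Minimum patch levels are copied from the Remedy list above.
# The "<release>_<arch>" key is this script's own convention; list entries
# without an _x86 suffix are assumed to be the SPARC patches.
required_patch() {
    case "$1" in
        2.6_sparc)   echo 105401-13 ;;
        2.6_x86)     echo 105402-13 ;;
        2.5.1_sparc) echo 103612-41 ;;
        2.5.1_x86)   echo 103613-41 ;;
        2.5_sparc)   echo 103187-38 ;;
        2.5_x86)     echo 103188-38 ;;
        2.4_sparc)   echo 101973-35 ;;
        2.4_x86)     echo 101974-35 ;;
        2.3_sparc)   echo 101318-91 ;;
        *)           return 1 ;;
    esac
}

# Usage: check_nisd_patch <release>_<arch> < saved-showrev-output
# Reads `showrev -p` lines ("Patch: <id>-<rev> Obsoletes: ...") on stdin.
# Returns 0 if the required revision or a later one of the same patch ID is
# listed, 1 if not, 2 if the platform is not in the list. A fix delivered
# under a different patch ID is not recognised and needs a manual check.
check_nisd_patch() {
    need=$(required_patch "$1") || { echo "unknown platform: $1"; return 2; }
    need_id=${need%-*}
    need_rev=${need#*-}
    # Highest installed revision of the required patch ID (0 if absent).
    have_rev=$(awk -v id="$need_id" '
        $1 == "Patch:" { split($2, p, "-")
                         if (p[1] == id && p[2] + 0 > max) max = p[2] + 0 }
        END { print max + 0 }')
    if [ "$have_rev" -ge "$need_rev" ]; then
        echo "OK: $need_id-$have_rev installed (need $need)"
        return 0
    fi
    echo "MISSING: need $need, highest installed revision: $have_rev"
    return 1
}

# Constructed sample input (not taken from a real host): an older revision of
# the Solaris 2.6 patch plus an unrelated placeholder patch ID.
SAMPLE_SHOWREV='Patch: 105401-09 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWnisu
Patch: 999999-01 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsu'

printf '%s\n' "$SAMPLE_SHOWREV" | check_nisd_patch 2.6_sparc || true
```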

References:

Sun Microsystems, Inc. Security Bulletin #00170, rpc.nisd, http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/170&type=0&nav=sec.sba

CERT Advisory CA-98.06, Buffer Overflow in NIS+, http://www.cert.org/advisories/CA-98.06.nisd.html

CIAC Information Bulletin I-058, SunOS rpc.nisd Vulnerability, http://www.ciac.org/ciac/bulletins/i-058.shtml

ISS Security Advisory #3, Remote Buffer Overflow in the rpc.nisd program, http://xforce.iss.net/alerts/advise3.php3
