RPC ypupdated daemon allows remote command execution as root |
---|

| Risk Level: | High |
|---|---|
| Check or Attack Name: | rpcupdate |
| Platforms: | AIX: 3.2, AIX: 4.1, IRIX: 3.x, IRIX: 4.x, IRIX: 5.x, IRIX: 6.0.1, NEC EWS-UX/V, NEC UP-UX/V, NEC UX/4800, SunOS: 4.1.x, HPUX: 10.01, HPUX: 10.10, IRIX: 6.0, HPUX: 10.20 |
| Description: | The NIS update daemon rpc.ypupdated contains a vulnerability in how it passes commands to certain function calls, which allows a remote attacker to trick the service into executing arbitrary commands on the system with root privileges. Exploit information for this hole has been made widely available. |
| Remedy: | Obtain and install a patch from your vendor as soon as possible. |
| References: | CERT Advisory CA-95.17, rpc.ypupdated Vulnerability, http://www.cert.org/advisories/CA-95.17.rpc.ypupdated.vul.html ; Silicon Graphics Inc. Security Advisory 19951201-01-P, Avalon Security Research - rpc.ypupdate slammer exploit, ftp://sgigate.sgi.com/security/19951201-01-P |