Vulnerability Name:
CVE-1999-0018 (CCN-696)
Assigned:
1997-12-05
Published:
1997-12-05
Updated:
2018-10-30
Summary:
Buffer overflow in statd allows root privileges.
CVSS v3 Severity:
9.3 Critical
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
)
Exploitability Metrics:
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Changed
Impact Metrics:
Confidentiality (C):
High
Integrity (I):
High
Availibility (A):
High
CVSS v2 Severity:
10.0 High
(CVSS v2 Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
Complete
Availibility (A):
Complete
7.2 High
(CCN CVSS v2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
)
Exploitability Metrics:
Access Vector (AV):
Local
Access Complexity (AC):
Low
Athentication (Au):
None
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
Complete
Availibility (A):
Complete
Vulnerability Type:
CWE-Other
Vulnerability Consequences:
Gain Access
References:
Source: CCN
Type: AusCERT Advisory AA-97.29
statd Buffer Overrun Vulnerability
Source: CCN
Type: SGI Security Advisory 19971201-01-P1391
Buffer Overrun Vulnerability in statd(1M) Program
Source: MITRE
Type: CNA
CVE-1999-0018
Source: CCN
Type: Sun Microsystems, Inc. Security Bulletin #00186
rpc.statd
Source: CCN
Type: CERT Advisory CA-1997-26
Buffer Overrun Vulnerability in statd(1M) Program
Source: CCN
Type: CIAC Information Bulletin I-017a
statd Buffer Overrun Vulnerability
Source: CCN
Type: OSVDB ID: 8420
Multiple Unix Vendor rpc.statd Remote Overflow
Source: BID
Type: Exploit, Patch
127
Source: CCN
Type: BID-127
Multiple Vendor Statd Buffer Overflow Vulnerability
Source: XF
Type: UNKNOWN
statd(696)
Vulnerable Configuration:
Configuration 1
:
cpe:/o:sgi:irix:5.0:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.0.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.1.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.2:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.3:*:*:*:*:*:*:*
Configuration 2
:
cpe:/o:ibm:aix:3.2:*:*:*:*:*:*:*
OR
cpe:/o:ibm:aix:4.1:*:*:*:*:*:*:*
OR
cpe:/o:sun:solaris:2.4:*:x86:*:*:*:*:*
OR
cpe:/o:sun:solaris:2.5:*:x86:*:*:*:*:*
OR
cpe:/o:sun:solaris:2.5.1:*:x86:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.4:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.5:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:*
Configuration CCN 1
:
cpe:/o:ibm:aix:3.2:*:*:*:*:*:*:*
OR
cpe:/o:ibm:aix:4.2:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.2:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.3:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.3:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:*
OR
cpe:/o:sun:sunos:5.6:*:*:*:*:*:*:*
OR
cpe:/o:sun:solaris:2.5:*:x86:*:*:*:*:*
OR
cpe:/o:sun:solaris:2.5.1:*:x86:*:*:*:*:*
OR
cpe:/o:sun:solaris:2.6::x86:*:*:*:*:*
OR
cpe:/o:sun:solaris:2.4:*:x86:*:*:*:*:*
OR
cpe:/o:sun:sunos:4.1.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.0.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.1.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.3:*:xfs:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.0:*:*:*:*:*:*:*
AND
cpe:/o:compaq:tru64:*:*:*:*:*:*:*:*
Denotes that component is vulnerable
BACK
sgi
irix 5.0
sgi
irix 5.0.1
sgi
irix 5.1
sgi
irix 5.1.1
sgi
irix 5.2
sgi
irix 5.3
ibm
aix 3.2
ibm
aix 4.1
sun
solaris 2.4
sun
solaris 2.5
sun
solaris 2.5.1
sun
sunos 5.4
sun
sunos 5.5
sun
sunos 5.5.1
ibm
aix 3.2
ibm
aix 4.2
sgi
irix 5.2
sgi
irix 5.3
sun
solaris 2.3
sun
solaris 2.5.1
sun
solaris 2.6
sun
solaris 2.5
sun
solaris 2.5.1
sun
solaris 2.6
sun
solaris 2.4
sun
solaris 1.0
sgi
irix 5.0.1
sgi
irix 5.1
sgi
irix 5.1.1
sgi
irix 5.3
sgi
irix 5.0
compaq
tru64 *
Denotes that component is vulnerable