| Vulnerability Name: | CVE-1999-0019 (CCN-109) |
| Assigned: | 1996-04-01 |
| Published: | 1996-04-01 |
| Updated: | 2008-09-09 |
| Summary: | Delete or create a file via rpc.statd, due to invalid information.
|
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)| Exploitability Metrics: | Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None | | Scope: | Scope (S): Unchanged
| | Impact Metrics: | Confidentiality (C): None
Integrity (I): Low
Availibility (A): None |
|
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)| Exploitability Metrics: | Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None | | Impact Metrics: | Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None |
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)| Exploitability Metrics: | Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
| | Impact Metrics: | Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None |
|
| Vulnerability Type: | CWE-Other
|
| Vulnerability Consequences: | File Manipulation |
| References: | Source: CCN
Type: AusCERT Advisory AA-97.29
statd Buffer Overrun Vulnerability
Source: CCN
Type: SGI Security Advisory 19971201-01-P1391
Buffer Overrun Vulnerability in statd(1M) Program
Source: MITRE
Type: CNA
CVE-1999-0019
Source: SUN
Type: UNKNOWN
00135
Source: CCN
Type: Sun Microsystems, Inc. Security Bulletin #00135
Vulnerability with the statd program
Source: CCN
Type: Hewlett-Packard Company Security Bulletin HPSBUX9607-032
Security Vulnerability in rpc.pcnfsd & rpc.statd
Source: CCN
Type: CERT Advisory CA-1996-09
Vulnerability in rpc.statd
Source: CCN
Type: CIAC Information Bulletin CIAC-07
Notice of Vulnerability Involving RCP and RDIST
Source: CCN
Type: CIAC Information Bulletin CIAC-12
Notice of Availability of SUN Patch For RCP and RDIST
Source: CCN
Type: OSVDB ID: 11734
Multiple Unix Vendor rpc.statd Arbitrary File Creation/Deletion
Source: CCN
Type: BID-6831
Multiple Vendor rpc.statd Arbitrary File Creation / Deletion Vulnerability
Source: XF
Type: UNKNOWN
rpc-stat(109)
|
| Vulnerable Configuration: | Configuration 1:
cpe:/a:data_general:dg_ux:4.11:*:*:*:*:*:*:*OR cpe:/a:ncr:mp-ras:2.03:*:*:*:*:*:*:*OR cpe:/a:ncr:mp-ras:3.0:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.1:*:*:*:*:*:*:*
Configuration 2:
cpe:/o:ibm:aix:3.2:*:*:*:*:*:*:*OR cpe:/o:ibm:aix:4.1:*:*:*:*:*:*:*OR cpe:/o:nighthawk:cx_ux:*:*:*:*:*:*:*:*OR cpe:/o:nighthawk:powerux:*:*:*:*:*:*:*:*OR cpe:/o:sco:open_desktop:2:*:*:*:*:*:*:*OR cpe:/o:sco:open_desktop:3:*:*:*:*:*:*:*OR cpe:/o:sco:openserver:3.0:*:*:*:*:*:*:*OR cpe:/o:sco:openserver:5.0:*:*:*:*:*:*:*OR cpe:/o:sco:unixware:2:*:*:*:*:*:*:*OR cpe:/o:sun:sunos:4.1.3:*:*:*:*:*:*:*OR cpe:/o:sun:sunos:4.1.4:*:*:*:*:*:*:*OR cpe:/o:sun:sunos:5.3:*:*:*:*:*:*:*OR cpe:/o:sun:sunos:5.4:*:*:*:*:*:*:*OR cpe:/o:sun:sunos:5.4:*:x86:*:*:*:*:*OR cpe:/o:sun:sunos:5.5:*:*:*:*:*:*:*OR cpe:/o:sun:sunos:5.5:*:x86:*:*:*:*:*
Configuration CCN 1:
cpe:/o:hp:hp-ux:10.00:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10.09:*:*:*:*:*:*:*OR cpe:/o:nec:ews-ux_v:*:*:*:*:*:*:*:*OR cpe:/o:nec:up-ux_v:*:*:*:*:*:*:*:*OR cpe:/o:nec:asl_ux_4800:*:*:*:*:*:*:*:*OR cpe:/o:next:nextstep:*:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10.01:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10.10:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10.30:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10.16:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.01:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10.24:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10.26:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10.02:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10.03:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10.08:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10.34:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.00:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.03:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.04:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.05:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.06:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.07:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.08:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.09:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.10:*:*:*:*:*:*:*AND cpe:/o:ibm:aix:*:*:*:*:*:*:*:*OR cpe:/o:windriver:bsdos:*:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:*:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:*:*:*:*:*:*:*:*OR cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:*OR cpe:/o:sun:solaris:*:*:*:*:*:*:*:*OR cpe:/a:data_general:dg_ux:*:*:*:*:*:*:*:*OR cpe:/o:sco:unix:*:*:*:*:*:*:*:*OR cpe:/a:ncr:mp-ras:2.03:*:*:*:*:*:*:*OR cpe:/o:compaq:tru64:*:*:*:*:*:*:*:*
 Denotes that component is vulnerable |
| BACK |