Vulnerability Name:

CVE-1999-0554 (CCN-45)

Assigned:1999-08-03
Published:1999-08-03
Updated:2005-10-20
Summary:NFS exports system-critical data to the world, e.g. / or a password file.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:File Manipulation
References:Source: MITRE
Type: CNA
CVE-1999-0554

Vulnerability Name:

CVE-1999-0554 (CCN-74)

Published:1999-08-03
Updated:2005-10-20
Summary:NFS exports system-critical data to the world, e.g. / or a password file.
CVSS v3 Severity:
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Other
References:Source: MITRE
Type: CNA
CVE-1999-0554

Vulnerability Name:

CVE-1999-0554 (CCN-75)

Assigned:1991-12-06
Published:1991-12-06
Updated:2005-10-20
Summary:NFS exports system-critical data to the world, e.g. / or a password file.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-1999-0166

Source: MITRE
Type: CNA
CVE-1999-0554

Source: CCN
Type: CERT Advisory CA-1991-21
NFS Jumbo and fsirand Patches

Source: CCN
Type: CERT Advisory CA-1992-15
Multiple SunOS Vulnerabilities Patched

Source: CCN
Type: CERT Advisory CA-1993-15
/usr/lib/sendmail, /bin/tar, and /dev/audio Vulnerabilities

Source: CCN
Type: CERT Advisory CA-1994-02
Revised Patch for SunOS /usr/etc/rpc.mountd Vulnerability

Source: CCN
Type: CERT Advisory CA-1994-15
NFS Vulnerabilities

Source: CCN
Type: OSVDB ID: 11630
Multiple Vendor NFS CD Command Arbitrary File/Directory Access

Source: XF
Type: UNKNOWN
nfs-cd(75)

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/o:ibm:aix:*:*:*:*:*:*:*:*
  • OR cpe:/o:windriver:bsdos:*:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:*:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:*:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:*:*:*:*:*:*:*:*
  • OR cpe:/a:data_general:dg_ux:*:*:*:*:*:*:*:*
  • OR cpe:/o:sco:unix:*:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:*:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-1999-0554 (CCN-79)

    Published:1999-08-03
    Updated:2005-10-20
    Summary:NFS exports system-critical data to the world, e.g. / or a password file.
    CVSS v3 Severity:
    CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
    Impact Metrics:Confidentiality (C): Complete
    Integrity (I): Complete
    Availibility (A): Complete
    Vulnerability Type:CWE-Other
    Vulnerability Consequences:Gain Access
    References:Source: MITRE
    Type: CNA
    CVE-1999-0554

    Source: CCN
    Type: CERT Advisory CA-1991-21
    SunOS NFS Jumbo and fsirand Patches

    Source: CCN
    Type: CERT Advisory CA-1992-15
    Multiple SunOS Vulnerabilities Patched

    Source: CCN
    Type: CERT Advisory CA-1993-15
    /usr/lib/sendmail, /bin/tar, and /dev/audio Vulnerabilities

    Source: CCN
    Type: CERT Advisory CA-1994-02
    Revised Patch for SunOS /usr/etc/rpc.mountd Vulnerability

    Source: CCN
    Type: CERT Advisory CA-1994-15
    NFS Vulnerabilities

    Source: CCN
    Type: BID-24
    SunOS rpc.mountd Vulnerability

    Vulnerability Name:

    CVE-1999-0554 (CCN-83)

    Published:1999-08-03
    Updated:2005-10-20
    Summary:NFS exports system-critical data to the world, e.g. / or a password file.
    CVSS v3 Severity:
    CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
    Impact Metrics:Confidentiality (C): Complete
    Integrity (I): Complete
    Availibility (A): Complete
    Vulnerability Type:CWE-Other
    Vulnerability Consequences:Gain Access
    References:Source: MITRE
    Type: CNA
    CVE-1999-0166

    Source: MITRE
    Type: CNA
    CVE-1999-0170

    Source: MITRE
    Type: CNA
    CVE-1999-0211

    Source: MITRE
    Type: CNA
    CVE-1999-0548

    Source: MITRE
    Type: CNA
    CVE-1999-0554

    Source: CCN
    Type: CERT Advisory CA-1991-21
    SunOS NFS Jumbo and fsirand Patches

    Source: CCN
    Type: CERT Advisory CA-1992-15
    Multiple SunOS Vulnerabilities Patched

    Source: CCN
    Type: CERT Advisory CA-1993-15
    /usr/lib/sendmail, /bin/tar, and /dev/audio Vulnerabilities

    Source: CCN
    Type: CERT Advisory CA-1994-02
    Revised Patch for SunOS /usr/etc/rpc.mountd Vulnerability

    Source: CCN
    Type: CERT Advisory CA-1994-15
    NFS Vulnerabilities

    Source: CCN
    Type: OSVDB ID: 11516
    NFS 256 Character Export Mount Authentication Bypass

    Source: CCN
    Type: OSVDB ID: 11630
    Multiple Vendor NFS CD Command Arbitrary File/Directory Access

    Source: CCN
    Type: OSVDB ID: 8750
    Ultrix/OSF Restricted NFS File System Mount

    Source: CCN
    Type: BID-24
    SunOS rpc.mountd Vulnerability

    Source: CCN
    Type: Sun Managers Mailing List, Thu Feb 08 1996 - 09:47:00 CST
    SUMMARY: NFS problem Solaris 2.4/Ultrix 4.3

    Source: XF
    Type: UNKNOWN
    filesgrabbed(45)

    Source: XF
    Type: UNKNOWN
    nfs-export(74)

    Source: XF
    Type: UNKNOWN
    nfs-cd(75)

    Source: XF
    Type: UNKNOWN
    nfs-mount(79)

    Source: XF
    Type: UNKNOWN
    nfs-ultrix(83)

    BACK
    ibm aix *
    windriver bsdos *
    hp hp-ux *
    sgi irix *
    linux linux kernel *
    sun solaris *
    data_general dg ux *
    sco unix *
    compaq tru64 *