Vulnerability Note VU#121099

ypbind contains buffer overflow

Overview

The daemon ypbind on Solaris and SunOS contains a buffer overflow vulnerability.

I. Description

A buffer overflow vulnerability has been discovered in ypbind, a daemon that runs on all client and server machines running Solaris and SunOS and set up to use a Network Information Server (NIS).

II. Impact

This vulnerability may be exploited by a local or a remote attacker to gain root access, and thus complete control of the victim host.

III. Solution

Apply the appropriates patches, available at:

http://sunsolve.sun.com/securitypatch

Refer to the following table to see which patch you should apply.

OS Version Patch ID
__________ _________
SunOS 5.8 110322-01
SunOS 5.8_x86 110323-01
SunOS 5.7 108750-02
SunOS 5.7_x86 108751-02
SunOS 5.6 105403-04
SunOS 5.6_x86 105404-04
SunOS 5.5.1 105165-04
SunOS 5.5.1_x86 105166-04
SunOS 5.5 105169-04
SunOS 5.5_x86 105170-04
SunOS 5.4 101973-41
SunOS 5.4_x86 101974-41
None.

Systems Affected

Vendor	Status	Date Updated
Sun	Unknown	20-Dec-2001

References

http://sunsolve.sun.com/security
http://sunsolve.sun.com/securitypatch
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/203&type=0&nav=sec.sba
http://xforce.iss.net/static/6828.php

Credit

Thanks to Sun Microsystems for reporting this vulnerability.

This document was written by Shawn Van Ittersum.

Other Information

Date Public	06/26/2001 03:55:36 PM
Date First Published	03/29/2002 07:00:36 PM
Date Last Updated	03/29/2002
CERT Advisory
CVE Name
Metric	14.05
Document Revision	10

If you have feedback, comments, or additional information about this vulnerability, please send us email.