Solaris rpc.yppasswdd username Remote Overflow

Critical Nessus Plugin ID 10684


The remote RPC service has a remote root vulnerability.


The remote RPC service 100009 (yppasswdd) is vulnerable to a buffer overflow which allows any user to obtain a root shell on this host.


Disable this service if you don't use it, or contact Sun for a patch

See Also

Plugin Details

Severity: Critical

ID: 10684

File Name: yppasswdd.nasl

Version: $Revision: 1.35 $

Type: remote

Published: 2001/05/29

Modified: 2016/11/01

Dependencies: 10223

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Required KB Items: rpc/portmap

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2001/05/28

Exploitable With


Reference Information

CVE: CVE-2001-0779

BID: 2763

OSVDB: 567