CVE-1999-0168 - The portmapper may act as a proxy and redirect service requests from an attacker, making the request

CVE-1999-0168

Summary

The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0168

Vulnerable Configurations

cpe:2.3:o:sun:sunos:4.1.3:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:4.1.3:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:4.1.3c:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:4.1.3c:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 17-08-2022 - 07:15)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

xf	nfs-portmap

Last major update

17-08-2022 - 07:15

Published

04-06-1992 - 04:00

Last modified

17-08-2022 - 07:15