1. CVE-Search
  2. CVE-2007-0165
ID CVE-2007-0165
Summary Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind.
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
    cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 30-10-2018 - 16:25)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
oval via4
  • accepted 2007-09-27T08:57:46.612-04:00
    class vulnerability
    contributors
    name Pai Peng
    organization Opsware, Inc.
    definition_extensions
    • comment Solaris 8 (SPARC) is installed
      oval oval:org.mitre.oval:def:1539
    • comment Solaris 9 (SPARC) is installed
      oval oval:org.mitre.oval:def:1457
    • comment Solaris 8 (x86) is installed
      oval oval:org.mitre.oval:def:2059
    • comment Solaris 9 (x86) is installed
      oval oval:org.mitre.oval:def:1683
    description Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind.
    family unix
    id oval:org.mitre.oval:def:2210
    status accepted
    submitted 2007-08-10T12:25:20.000-04:00
    title A Security Vulnerability in Solaris libnsl(3LIB) may lead to a Denial of Service (DoS) to the rpcbind(1M) Service
    version 36
  • accepted 2014-03-24T04:01:48.792-04:00
    class vulnerability
    contributors
    • name Michael Wood
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    description Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind.
    family unix
    id oval:org.mitre.oval:def:5920
    status accepted
    submitted 2008-09-22T12:50:21.000-04:00
    title HP-UX Running rpcbind, Remote Denial of Service (DoS)
    version 40
refmap via4
bid 21964
confirm http://support.avaya.com/elmodocs2/security/ASA-2007-036.htm
osvdb 31576
sectrack 1017492
secunia
  • 23700
  • 24056
sunalert 102713
vupen ADV-2007-0110
xf solaris-rpcbind-dos(31366)
Last major update 30-10-2018 - 16:25
Published 10-01-2007 - 00:28
Last modified 30-10-2018 - 16:25
Back to Top