Linux Nis
Products
5- 3 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
8| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-23768 | Hig | 0.57 | 8.8 | 0.01 | Sep 19, 2022 | This Vulnerability in NIS-HAP11AC is caused by an exposed external port for the telnet service. Remote attackers use this vulnerability to induce all attacks such as source code hijacking, remote control of the device. | ||
| CVE-2003-0251 | 0.00 | — | 0.03 | Jul 24, 2003 | ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block. | |||
| CVE-2002-1232 | 0.00 | — | 0.03 | Nov 4, 2002 | Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist. | |||
| CVE-1999-0902 | 0.00 | — | 0.00 | Oct 23, 1999 | ypserv allows local administrators to modify password tables. | |||
| CVE-1999-0901 | 0.00 | — | 0.00 | Oct 23, 1999 | ypserv allows a local user to modify the GECOS and login shells of other users. | |||
| CVE-1999-0900 | 0.00 | — | 0.00 | Oct 23, 1999 | Buffer overflow in rpc.yppasswdd allows a local user to gain privileges via MD5 hash generation. | |||
| CVE-1999-0795 | 0.00 | — | 0.02 | Mar 1, 1998 | The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches. | |||
| CVE-1999-0245 | 0.00 | — | 0.00 | Sep 7, 1995 | Some configurations of NIS+ in Linux allowed attackers to log in as the user "+". |
- risk 0.57cvss 8.8epss 0.01
This Vulnerability in NIS-HAP11AC is caused by an exposed external port for the telnet service. Remote attackers use this vulnerability to induce all attacks such as source code hijacking, remote control of the device.
- CVE-2003-0251Jul 24, 2003risk 0.00cvss —epss 0.03
ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block.
- CVE-2002-1232Nov 4, 2002risk 0.00cvss —epss 0.03
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
- CVE-1999-0902Oct 23, 1999risk 0.00cvss —epss 0.00
ypserv allows local administrators to modify password tables.
- CVE-1999-0901Oct 23, 1999risk 0.00cvss —epss 0.00
ypserv allows a local user to modify the GECOS and login shells of other users.
- CVE-1999-0900Oct 23, 1999risk 0.00cvss —epss 0.00
Buffer overflow in rpc.yppasswdd allows a local user to gain privileges via MD5 hash generation.
- CVE-1999-0795Mar 1, 1998risk 0.00cvss —epss 0.02
The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches.
- CVE-1999-0245Sep 7, 1995risk 0.00cvss —epss 0.00
Some configurations of NIS+ in Linux allowed attackers to log in as the user "+".