Remote Buffer Overflow in the rpc.nisd program
Impact
A remotebuffer overflow exists in unpatched versions of the
Solaris 2.3 through 2.6 rpc.nisd, which allows attackers to gain root access on
the vulnerable host.
Background
The rpc.nisd program is a rpc program that implements the
NIS+ service. A malicious user could exceed the maximum length of one the
nisd arguments and cause the program to execute arbitrary code.
Resolution
If you are running Solaris 2.3 through 2.6, disable the rpc.nisd daemon
in by renaming the /var/nis if you are do not need NIS+.
If you are running NIS+, apply the proper patch:
105401-12: Solaris 5.6
105402-12: Solaris 5.6_x86
103612-41: Solaris 5.5.1
103613-41: Solaris 5.5.1_x86
103187-38: Solaris 5.5
103188-38: Solaris 5.5_x86
101973-35: Solaris 5.4
101974-35: Solaris 5.4_x86
Reference(s):