CVE-2004-1942
Last modified
CVE-2004-1942 is a vulnerability of currently unknown severity. The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv and ypxfrd from properly restricting access to secure NIS maps, which allows local users to use ypcat or ypmatch to extract the contents of a secure map such as passwd.adjunct.byname.. EPSS estimates a 1.44% chance of exploitation in the next 30 days.
Description
The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv and ypxfrd from properly restricting access to secure NIS maps, which allows local users to use ypcat or ypmatch to extract the contents of a secure map such as passwd.adjunct.byname.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sun | Patch Manager | 113579-02 |
| Sun | Patch Manager | 113579-03 |
| Sun | Patch Manager | 113579-04 |
| Sun | Patch Manager | 113579-05 |
| Sun | Patch Manager | 114342-02 |
| Sun | Patch Manager | 114342-03 |
| Sun | Patch Manager | 114342-04 |
| Sun | Patch Manager | 114342-05 |
References
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-57554-1Exploit, Patch, Vendor Advisory
- http://www.ciac.org/ciac/bulletins/o-144.shtmlExploit, Patch, Vendor Advisory
- http://www.securityfocus.com/bid/10261Patch, Vendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-57554-1Exploit, Patch, Vendor Advisory
- http://www.ciac.org/ciac/bulletins/o-144.shtmlExploit, Patch, Vendor Advisory
- http://www.securityfocus.com/bid/10261Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2004-1942?
How severe is CVE-2004-1942?
How do I fix CVE-2004-1942?
Are you affected by CVE-2004-1942?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST