• info
• discussion
• exploit
• solution
• references

Multiple Vendor rpc.yppasswdd Buffer Overrun Vulnerability

Solution:
It is recemmended that this service is disabled until patches are available. If this is not an option, network access control should be implemented blocking access to ports that rpc.yppasswdd might use.

Customers of HP-UX 10.10 are advised to contact security-alert@hp.com for further information.

HP-UX 10.20 users and admins are advised to download a replacement rpc.yppasswd binary from the following location:

ftp://yppass:yppass@hprc.external.hp.com/
ftp://yppass:yppass@192.170.19.51/

HP-UX 11.00, 11.11, and 11.22 users and admins are advised to apply the follow or subsequent PHNE file:

11.00 - PHNE_28102
11.11 - PHNE_28103
11.22 - PHNE_28138

Further information is available in the referenced advisory.

HP has released a revision of the advisory HPSBUX0302-242 (rev.2). Please see the referenced advisory for more information.

Fixes are available:


Sun Solaris 2.6

• Sun 106303-03
  

Sun Solaris 7.0

• Sun 111590-02
  

Sun Solaris 8_x86

• Sun 111597-02
  

Sun Solaris 2.6_x86

• Sun 106304-03
  

Sun Solaris 8_sparc

• Sun 111596-02
  

Sun Solaris 7.0_x86

• Sun 111591-02
  

HP HP-UX 10.20

• HP PHNE_28886
  http://itrc.hp.com

HP HP-UX 11.0

• HP PHNE_28102
  HP-UX 11.00
  http://itrc.hp.com

HP HP-UX 11.11

• HP PHNE_28103
  http://itrc.hp.com/

HP HP-UX 11.22

• HP PHNE_28138
  http://itrc.hp.com/

Caldera OpenServer 5.0.5

• Caldera OpenServer yppasswd
  ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.19/

Caldera OpenServer 5.0.6

• Caldera OpenServer yppasswd
  ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.19/