CVE Database As of 11-22-2019

CVE-1999-0212

Impact by CVSS Score
  • ID: CVE-1999-0212
Summary:

Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server.

Exploitability Analysis: Network

A vulnerability exploitable with network access means the vulnerable software is bound to the network stack and the attacker does not require local network access or local access. Such a vulnerability is often termed “remotely exploitable”. An example of a network attack is an RPC buffer overflow.

Exploitability Complexity: Low

Specialized access conditions or extenuating circumstances do not exist. The following are examples: The affected product typically requires access to a wide range of systems and users, possibly anonymous an untrusted (e.g., Internet-facing web or mail server). The affected configuration is default or ubiquitous. The attack can be performed manually and requires little skill or additional information gathering. The 'race condition' is a lazy one (i.e., it is technically a race but easily winnable).

Authentication: None

Authentication is not required to access and exploit the vulnerability.

Confidentiality Impact: Complete

There is total information disclosure, resulting in all system files being revealed. The attacker is able to read all of the system's data (memory, files, etc.).

Integrity Impact: None

There is no impact to the integrity of the system.

Availability Impact: None

There is no impact to the availability of the system.

Products Affected

cpe:/o:sun:sunos

cpe:/o:sun:sunos:5.0


Search
Impact
High
CVSS Score
7.8
Created
1998-04-29 00:00:00
Modified
2018-10-30 12:25:12

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be