National Cyber-Alert System
Vulnerability Summary: CVE-1999-0168
Orirignal release date: 1992-06-04
Source: US-CERT/NIST

Overview

    The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions.

Impact

    CVSS Severity: 8 (High)
    Range: remote
    Authentication: config
    Impact Type: conf,sec_prot user="1"

Reference to Advisories, Solutions, and Tools

Vulnerable Software and Vendor

    SunOS (Sun)

Technical Details

CVE Standard Vulnerability Entry: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0168