CVE-1999-0189

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Jun 4, 1997

Updated: Nov 20, 2024

Summary

CVE-1999-0189 is a vulnerability affecting Solaris systems where the rpcbind service listens on a high numbered UDP port, which may not be filtered by default firewalls. Since the standard port number for rpcbind is 111, unsecured access to this high port could allow remote attackers to execute arbitrary commands on the system. This issue poses a significant risk, as it enables unauthenticated and unencrypted connections, making it essential for administrators to configure their firewalls to block access to these high ports or limit access to trusted sources.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SunOS

Affected Vendors

Oracle Corp

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlQmh
https://www.cve.org/CVERecord?id=CVE-1999-0189
https://nvd.nist.gov/vuln/detail/CVE-1999-0189

Back to Vulnerability Database