Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2004-1942

Published: Apr 19, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2004-1942
CWEhttps://cwe.mitre.org/data/definitions/NVD-Other.html

The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv and ypxfrd from properly restricting access to secure NIS maps, which allows local users to use ypcat or ypmatch to extract the contents of a secure map such as passwd.adjunct.byname.

Affected Software

Name Vendor Start Version End Version
Patch_manager Sun 113579-02 (including) 113579-02 (including)
Patch_manager Sun 113579-03 (including) 113579-03 (including)
Patch_manager Sun 113579-04 (including) 113579-04 (including)
Patch_manager Sun 113579-05 (including) 113579-05 (including)
Patch_manager Sun 114342-02 (including) 114342-02 (including)
Patch_manager Sun 114342-03 (including) 114342-03 (including)
Patch_manager Sun 114342-04 (including) 114342-04 (including)
Patch_manager Sun 114342-05 (including) 114342-05 (including)

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use