CVE-1999-0168
First published: Thu Jun 04 1992(Updated: )
The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sun SunOS | =4.1.3 | |
| Sun SunOS | =4.1.3c | |
| =4.1.3 | ||
| =4.1.3c |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-1999-0168?
CVE-1999-0168 is considered a moderate severity vulnerability that can lead to unauthorized access due to proxy behavior from the portmapper.
How do I fix CVE-1999-0168?
To fix CVE-1999-0168, restrict access to the portmapper service and apply available patches from your software provider.
What systems are affected by CVE-1999-0168?
CVE-1999-0168 affects Sun SunOS versions 4.1.3 and 4.1.3c.
What type of attacks can be executed using CVE-1999-0168?
CVE-1999-0168 can allow an attacker to bypass authentication and mount NFS file systems that should be restricted.
Is there a workaround for CVE-1999-0168?
A workaround for CVE-1999-0168 involves configuring firewall rules to limit external access to the portmapper service.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/references
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/event
- agent/tags
- agent/source
- vendor/sun
- canonical/sun sunos
- version/sun sunos/4.1.3
- version/sun sunos/4.1.3c