RPC/NIS Update contents.gifindex.gif

RPC/NIS Update

The RPC NIS update vulnerability allows an intruder to execute commands on the vulnerable system. Using the NIS service to create files on the target machine, it will create the files as root. Check with your vendor to determine if this service should be updated.

Risk: Medium

Fix: Obtain newer version of rpc.ypupdate from your vendor or disable rpc.ypupdate.

Advisory: CA-93:14.Internet.Security.Scanner