Lucene search

[email protected]CVE-2005-0138

HistorySep 21, 2005 - 8:03 p.m.

CVE-2005-0138

2005-09-2120:03:00

CWE-17

[email protected]

web.nvd.nist.gov

sgi irix

rpc.mountd

access control

anonymous clients

cve-2005-0138

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.9%

JSON

rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly allow access to anonymous clients that connect from a system whose hostname can not be determined. NOTE: while this issue occurs in a security mechanism, there is no apparent attacker role and probably does not satisfy the CVE definition of a vulnerability.

Affected configurations

NVD

Node

sgiirixMatch6.5.25

sgiirixMatch6.5.26

sgiirixMatch6.5.27

CPENameOperatorVersion
sgi:irixsgi irixeq6.5.25
sgi:irixsgi irixeq6.5.26
sgi:irixsgi irixeq6.5.27

CPE	Name	Operator	Version
sgi:irix	sgi irix	eq	6.5.25
sgi:irix	sgi irix	eq	6.5.26
sgi:irix	sgi irix	eq	6.5.27

References

ftp://patches.sgi.com/support/free/security/advisories/20050601-01-U

secunia.com/advisories/15619

www.ciac.org/ciac/bulletins/p-214.shtml

www.vupen.com/english/advisories/2005/0702

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.9%

JSON

Related for CVE-2005-0138

cvelist1 nvd1