CVE-1999-0208

rpc.ypupdated (NIS) - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-1999-0208. PoCs published by anonymous, Josh D.

AI-analyzed exploit summary The vulnerability in 'rpc.ypupdated' allows command execution as root due to improper input validation when executing the 'make' command. The writeup provides technical details about the issue, including affected systems and Sun BugIDs.

Description

rpc.ypupdated (NIS) allows remote users to execute arbitrary commands.

Exploits (2)

exploitdb WRITEUP VERIFIED

by anonymous · textremotemultiple

https://www.exploit-db.com/exploits/20259

View Code ZIP pw:eip

The vulnerability in 'rpc.ypupdated' allows command execution as root due to improper input validation when executing the 'make' command. The writeup provides technical details about the issue, including affected systems and Sun BugIDs.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: rpc.ypupdated (NIS/YP service) on HP-UX 10.x/11.x, IRIX 3.x/4.x/5.x/6.x, OpenSolaris, Solaris 8/9/10, SunOS 4.1.x

No auth needed

Prerequisites: Network access to the target system running rpc.ypupdated

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Josh D · cremotemultiple

https://www.exploit-db.com/exploits/20258

View Code ZIP pw:eip

This exploit targets a vulnerability in the 'rpc.ypupdated' daemon, which allows command execution as root due to improper input validation when executing the 'make' command. The exploit sends a crafted RPC request to inject shell metacharacters, enabling arbitrary command execution on vulnerable systems.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: rpc.ypupdated (NIS/YP service) on HP-UX 10.x/11.x, IRIX 3.x/4.x/5.x/6.x, OpenSolaris, Solaris 8/9/10, SunOS 4.1.x

No auth needed

Prerequisites: Target must be running ypupdated, keyserv, and ypbind · Network access to the target's RPC service

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory, VDB Entry x_refsource_misc

https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0208

Scores

EPSS 0.1286

EPSS Percentile 95.8%

Details

Status published

Products (10)

ibm/aix 3.2

ibm/aix 4.1

nec/asl_ux_4800

nec/ews-ux_v

nec/up-ux_v

sgi/irix 3

sgi/irix 4

sgi/irix 5.0

sgi/irix 5.1

sgi/irix 5.2

Published Dec 12, 1995

Tracked Since Feb 18, 2026