CVE-1999-0213 in Solarisinfo

Summary

by MITRE

libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 04/17/2026

The vulnerability identified as CVE-1999-0213 represents a critical denial of service flaw within the libnsl library component of Solaris operating systems. This issue specifically targets the rpcbind service which serves as a crucial network service locator for remote procedure call applications. The libnsl library provides legacy support for name service lookup functions that were originally designed for the Network Information Service and other name resolution mechanisms. When an attacker exploits this vulnerability, they can manipulate the rpcbind service to become unresponsive or completely terminate its operations, effectively disrupting network services that depend on remote procedure calls.

The technical nature of this vulnerability stems from improper input validation and handling within the libnsl library's interaction with rpcbind. The flaw occurs during the processing of specific network requests or service queries that rpcbind receives, where malformed or specially crafted inputs can cause the service to crash or enter an infinite loop. This type of vulnerability typically falls under the category of improper input validation as defined by CWE-20, where the system fails to properly validate or sanitize inputs before processing them. The vulnerability exists because the rpcbind service does not adequately protect itself against malformed requests that could trigger memory corruption or resource exhaustion conditions within the libnsl library implementation.

From an operational impact perspective, this vulnerability presents a significant threat to network infrastructure stability and availability. When rpcbind becomes unavailable, all services that depend on remote procedure calls for inter-process communication will experience disruption, potentially affecting critical enterprise applications, database connectivity, and distributed computing environments. The attack vector typically involves sending specially crafted network packets or RPC requests to the rpcbind service, which then triggers the vulnerability in the underlying libnsl library. This can result in complete service outages that may require manual intervention to restore normal operations, including restarting the rpcbind service or rebooting affected systems.

Organizations affected by this vulnerability should implement immediate mitigations including applying the appropriate security patches released by Sun Microsystems for Solaris systems. Network segmentation and firewall rules can be configured to limit access to rpcbind ports, specifically port 111 which is used by rpcbind for service registration and discovery. The ATT&CK framework categorizes this type of vulnerability under privilege escalation and denial of service tactics, where attackers can leverage service vulnerabilities to disrupt system availability. System administrators should also consider implementing monitoring solutions to detect unusual patterns of rpcbind service activity that might indicate exploitation attempts. Additionally, the vulnerability highlights the importance of maintaining updated system libraries and following secure coding practices to prevent similar issues in other network service components. Organizations should conduct regular vulnerability assessments and penetration testing to identify similar weaknesses in their network infrastructure and ensure comprehensive protection against service disruption attacks.

Disclosure

07/15/1998

Moderation

accepted

Entry

VDB-14178

CPE

ready

EPSS

0.01855

KEV

no

Activities

very low

Sources

Interested in the pricing of exploits?

See the underground prices here!