CVE-1999-0795 in Solaris
Summary
by MITRE
The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches.
Analysis
by VulDB Data Team • 04/17/2026
The vulnerability described in CVE-1999-0795 affects the rpc.nisd server implementation of NIS+ (Network Information Service Plus) within Unix-based systems. This represents a critical authentication bypass flaw that allows remote attackers to execute privileged Remote Procedure Calls without proper authentication mechanisms. The vulnerability specifically targets the rpc.nisd service, which is responsible for managing NIS+ database operations and serves as a central point for distributed system information management. The affected system configuration permits unauthenticated access to certain RPC endpoints that should typically require authentication, creating a significant security risk for networked environments relying on NIS+ for directory services.
The technical flaw stems from inadequate authentication checks within the rpc.nisd server implementation where specific RPC calls can be executed without proper credential validation. This authentication bypass allows attackers to perform operations that should be restricted to authorized users or systems, including retrieving sensitive system information, disabling logging mechanisms that would otherwise track malicious activities, and modifying cache contents that maintain system state and configuration data. The vulnerability exists at the RPC layer where the server fails to properly validate incoming requests before executing privileged operations, creating a pathway for unauthorized access to critical system functions. This flaw operates at the application level and affects systems that have NIS+ services enabled and configured to accept remote connections.
The operational impact of this vulnerability is substantial as it provides attackers with comprehensive access to system information that could be used for further exploitation attempts. Attackers can disable logging functionality which removes crucial audit trails and monitoring capabilities, making their activities harder to detect and investigate. The ability to modify caches allows threat actors to manipulate system data, potentially leading to service disruption, data corruption, or creating backdoors for persistent access. This vulnerability affects systems where NIS+ is configured to operate in networked environments, particularly those that have not properly secured their RPC services or implemented additional access controls beyond basic network segmentation. The vulnerability is particularly dangerous in enterprise environments where NIS+ serves as a critical directory service component for managing user accounts, system configurations, and network resources.
Mitigation strategies should focus on implementing proper authentication mechanisms for RPC services and restricting network access to NIS+ servers. Organizations should disable unnecessary NIS+ services and ensure that rpc.nisd only accepts connections from trusted network segments through firewall rules and network access controls. The implementation of proper access control lists and authentication protocols should be enforced to prevent unauthorized RPC calls. Additionally, system administrators should regularly audit NIS+ configurations and disable logging features that could be exploited by attackers. This vulnerability aligns with CWE-287 which addresses improper authentication issues, and relates to ATT&CK technique T1566 which covers phishing with social engineering tactics that could be used to exploit such authentication bypasses. System hardening practices should include disabling unused services, implementing network segmentation, and maintaining up-to-date security configurations that prevent unauthorized access to privileged system functions. Regular security assessments and vulnerability scanning should be performed to identify and remediate similar authentication bypass vulnerabilities in the system infrastructure.