• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
  • CERT:CA-96.08.pcnfsd
  • XF:rpc-pcnfsd
Assigning CNA
Date Entry Created
19990607 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (19990621-01)
Votes (Legacy)
ACCEPT(5) Collins, Frech, Landfield, Northcutt, Shostack
NOOP(1) Baker
RECAST(1) Christey
Comments (Legacy)
 Christey> This candidate should be SPLIT, since there are two separate
   software flaws.  One is a symlink race and the other is a
   shell metacharacter problem.
 Christey> The permissions part of this vulnerability appears to
   overlap with CVE-1999-0353
 Christey> SGI:20020802-01-I

Proposed (Legacy)
This is an entry on the CVE list, which standardizes names for security problems.