CVE-1999-0797: NIS finger allows an attacker to conduct a denial of service via a large number of finger requests,
NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries.
AI Analysis
Technical Summary
CVE-1999-0797 is a vulnerability in the Network Information Service (NIS) finger service on Sun Microsystems' SunOS operating system. The finger service is a protocol used to retrieve information about users on a networked system. This vulnerability allows an attacker to conduct a denial of service (DoS) attack by sending a large number of finger requests to the NIS finger service. Each finger request triggers multiple NIS queries, which can overwhelm the system resources, leading to degraded performance or complete service unavailability. The vulnerability does not affect confidentiality or integrity but impacts availability by exhausting system resources. The attack requires no authentication but has a high attack complexity due to the need to generate a high volume of requests. The CVSS score is 2.6 (low severity), reflecting the limited impact and difficulty of exploitation. There is no patch available, and no known exploits have been reported in the wild. Given the age of the vulnerability (published in 1998) and the specific affected product (SunOS), this vulnerability is primarily relevant to legacy systems still running SunOS with NIS finger enabled.
Potential Impact
For European organizations, the impact of this vulnerability is generally low due to the obsolescence of SunOS and the finger service in modern environments. However, organizations that maintain legacy systems for critical infrastructure, research, or industrial control systems might still be at risk. A successful DoS attack could disrupt internal network services, causing temporary loss of availability of user information services and potentially impacting dependent applications. This could lead to operational delays or interruptions, especially in environments where legacy SunOS systems are integrated into broader network services. The lack of confidentiality or integrity impact limits the risk to data breaches, but availability disruptions could affect business continuity in niche scenarios.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should first identify any legacy SunOS systems running the NIS finger service. If such systems are found, the finger service should be disabled or restricted to trusted internal networks to prevent external exploitation. Network-level controls such as firewalls and intrusion prevention systems should be configured to detect and block excessive finger requests or anomalous traffic patterns targeting NIS services. Since no patch is available, isolating vulnerable systems from untrusted networks is critical. Additionally, organizations should consider migrating legacy systems to supported platforms or modern alternatives that do not rely on vulnerable services. Regular monitoring and logging of network traffic can help detect potential abuse attempts early.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy
CVE-1999-0797: NIS finger allows an attacker to conduct a denial of service via a large number of finger requests,
Description
NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries.
AI-Powered Analysis
Technical Analysis
CVE-1999-0797 is a vulnerability in the Network Information Service (NIS) finger service on Sun Microsystems' SunOS operating system. The finger service is a protocol used to retrieve information about users on a networked system. This vulnerability allows an attacker to conduct a denial of service (DoS) attack by sending a large number of finger requests to the NIS finger service. Each finger request triggers multiple NIS queries, which can overwhelm the system resources, leading to degraded performance or complete service unavailability. The vulnerability does not affect confidentiality or integrity but impacts availability by exhausting system resources. The attack requires no authentication but has a high attack complexity due to the need to generate a high volume of requests. The CVSS score is 2.6 (low severity), reflecting the limited impact and difficulty of exploitation. There is no patch available, and no known exploits have been reported in the wild. Given the age of the vulnerability (published in 1998) and the specific affected product (SunOS), this vulnerability is primarily relevant to legacy systems still running SunOS with NIS finger enabled.
Potential Impact
For European organizations, the impact of this vulnerability is generally low due to the obsolescence of SunOS and the finger service in modern environments. However, organizations that maintain legacy systems for critical infrastructure, research, or industrial control systems might still be at risk. A successful DoS attack could disrupt internal network services, causing temporary loss of availability of user information services and potentially impacting dependent applications. This could lead to operational delays or interruptions, especially in environments where legacy SunOS systems are integrated into broader network services. The lack of confidentiality or integrity impact limits the risk to data breaches, but availability disruptions could affect business continuity in niche scenarios.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should first identify any legacy SunOS systems running the NIS finger service. If such systems are found, the finger service should be disabled or restricted to trusted internal networks to prevent external exploitation. Network-level controls such as firewalls and intrusion prevention systems should be configured to detect and block excessive finger requests or anomalous traffic patterns targeting NIS services. Since no patch is available, isolating vulnerable systems from untrusted networks is critical. Additionally, organizations should consider migrating legacy systems to supported platforms or modern alternatives that do not rely on vulnerable services. Regular monitoring and logging of network traffic can help detect potential abuse attempts early.
Affected Countries
Threat ID: 682ca32bb6fd31d6ed7dea09
Added to database: 5/20/2025, 3:43:39 PM
Last enriched: 7/1/2025, 10:09:57 PM
Last updated: 2/7/2026, 8:21:52 PM
Views: 44
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2026-25764: CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in opf openproject
LowCVE-2026-25729: CWE-863: Incorrect Authorization in lintsinghua DeepAudit
LowCVE-2025-15320: Multiple Binds to the Same Port in Tanium Tanium Client
LowCVE-2026-25724: CWE-61: UNIX Symbolic Link (Symlink) Following in anthropics claude-code
LowCVE-2026-1337: CWE-117 Improper Output Neutralization for Logs in neo4j Enterprise Edition
LowActions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.