LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

ypserv: NIS information leak

Package(s):nis, ypserv CVE #(s):CAN-2002-1232
Created:October 21, 2002 Updated:December 5, 2002
Description: Thorsten Kukuck discovered a problem in the ypserv program which is part of the Network Information Services (NIS). A memory leak in all versions of ypserv prior to 2.5 is remotely exploitable. When a malicious user could request a non-existing map the server will leak parts of an old domainname and mapname.
Alerts:
SCO Group CSSA-2002-054.0 2002-12-04
Mandrake MDKSA-2002:078 2002-11-18
Conectiva CLA-2002:539 2002-10-30
Gentoo 200210-010 2002-10-28
Red Hat RHSA-2002:223-07 2002-10-24
Debian DSA-180-1 2002-10-21
(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds