|
|
Subscribe / Log in / New account

ypserv: NIS information leak

Package(s):nis, ypserv CVE #(s):CAN-2002-1232
Created:October 21, 2002 Updated:December 5, 2002
Description: Thorsten Kukuck discovered a problem in the ypserv program which is part of the Network Information Services (NIS). A memory leak in all versions of ypserv prior to 2.5 is remotely exploitable. When a malicious user could request a non-existing map the server will leak parts of an old domainname and mapname.
Alerts:
SCO Group CSSA-2002-054.0 exploitable 2002-12-04
Mandrake MDKSA-2002:078 ypserv 2002-11-18
Conectiva CLA-2002:539 ypserv 2002-10-30
Gentoo 200210-010 ypserv 2002-10-28
Red Hat RHSA-2002:223-07 ypserv 2002-10-24
Debian DSA-180-1 nis 2002-10-21
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds