Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 533
Alerts This Week
Warning Icon 1 533

Debian 2.1 nfs-server: Critical Remote Exploit Advisory

debian
Calendar Grey December 13, 1999
Debian Logo
Critical vulnerability patched in nfs-server release 2.2beta37-1slink.1. Update now to ensure system protection!
The version of nfs-server that was distributed in Debian GNU/Linux 2.1 had a buffer overflow in fh_buildpath()

Summary


The version of nfs-server that was distributed in Debian GNU/Linux 2.1 had a
buffer overflow in fh_buildpath(). It assumed that the total length of a path
would never exceed (PATH_MAX_NAME_MAX). With a read/write exported directory
people could created longes path and cause a bufferoverflow.

This has been addressed in version 2.2beta37-1slink.1, and we recommend you
upgrade your nfs-server package immediately.

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

Debian GNU/Linux 2.1 alias slink

This version of Debian was released only for Intel, the Motorola
680x0, the alpha and the Sun sparc architecture.

Source archives:

server_2.2beta37-1slink.1.diff.gz
MD5 checksum: 277c6daafd5b6f3947908a40761473d1

server_2.2beta37-1slink.1.dsc
MD5 checksum: c9bcdd19e29055d420e1c50dee6425d4

urce/nfs-server_2.2beta37.orig.tar.gz
MD5 checksum: afe0f88c48add25f304a387ae4fb40ba

Alpha architecture:

alpha/nfs-server_2.2beta37-...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.