Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

Debian 2.1: Critical Update for NIS Package Buffer Overflow

debian
Calendar Grey December 13, 1999
Debian Logo
-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------
The nis package that was distributed with Debian GNU/Linux 2.1 has a couple of problems: * ypserv allowed any machine in the NIS domain to insert new tables * rpc.yppasswd had a bu...

Summary


The nis package that was distributed with Debian GNU/Linux 2.1 has a
couple of problems:
* ypserv allowed any machine in the NIS domain to insert new tables
* rpc.yppasswd had a bufferoverflow in its MD5 code
* rpc.yppasswd allowed users to change the GECOS and loginshell entries
of other users
This has been fixed in version 3.5-2. We recommend you upgrade your nis
package immediately.

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

Source archives:

2.diff.gz
MD5 checksum: 5b41361ce80bd2067c2c40f03ea14ac4
2.dsc
MD5 checksum: 696ad9726555336e8bab482ee8f2f040

MD5 checksum: 368167b1e16eb25ac639935310a26daa

Alpha architecture:

alpha/nis_3.5-2_alpha.deb
MD5 checksum: c0a8066bd00ed4fe10ac4c7294768ede

Intel ia32 architecture:

i386/nis_3.5-2_i386.deb
MD5 checksum: 0cc3b116a4ede4dec99189b9bdb9830a

Motorola 680x0 architecture:

m68k/nis_3.5-2_m68k.deb
MD5 checksum: 5a713462f36bb6faf90d362b...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.