New version of nis released

    Date13 Dec 1999
    CategoryDebian
    3139
    Posted ByLinuxSecurity Advisories
    The nis package that was distributed with Debian GNU/Linux 2.1 has a couple of problems: * ypserv allowed any machine in the NIS domain to insert new tables * rpc.yppasswd had a bufferoverflow in its MD5 code * rpc.yppasswd allowed users to change the GECOS and loginshell entries of other users
    -----BEGIN PGP SIGNED MESSAGE-----
    
    - ------------------------------------------------------------------------
    Debian Security Advisory                             This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.debian.org/security/      
                       Wichert Akkerman
    October 28, 1999
    - ------------------------------------------------------------------------
    
    
    The nis package that was distributed with Debian GNU/Linux 2.1 has a
    couple of problems:
    * ypserv allowed any machine in the NIS domain to insert new tables
    * rpc.yppasswd had a bufferoverflow in its MD5 code
    * rpc.yppasswd allowed users to change the GECOS and loginshell entries
      of other users
    
    This has been fixed in version 3.5-2. We recommend you upgrade your nis
    package immediately.
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
      Source archives:
        http://security.debian.org/dists/stable/updates/source/nis_3.5-
    2.diff.gz
          MD5 checksum: 5b41361ce80bd2067c2c40f03ea14ac4
        http://security.debian.org/dists/stable/updates/source/nis_3.5-2.dsc
          MD5 checksum: 696ad9726555336e8bab482ee8f2f040
        http://security.debian.org/dists/stable/updates/source/nis_3.5.orig.tar.gz
          MD5 checksum: 368167b1e16eb25ac639935310a26daa
    
      Alpha architecture:
        http://security.debian.org/dists/stable/updates/binary-
    alpha/nis_3.5-2_alpha.deb
          MD5 checksum: c0a8066bd00ed4fe10ac4c7294768ede
    
      Intel ia32 architecture:
        http://security.debian.org/dists/stable/updates/binary-
    i386/nis_3.5-2_i386.deb
          MD5 checksum: 0cc3b116a4ede4dec99189b9bdb9830a
    
      Motorola 680x0 architecture:
        http://security.debian.org/dists/stable/updates/binary-
    m68k/nis_3.5-2_m68k.deb
          MD5 checksum: 5a713462f36bb6faf90d362b5e28aa61
    
      Sun Sparc architecture:
        http://security.debian.org/dists/stable/updates/binary-
    sparc/nis_3.5-2_sparc.deb
          MD5 checksum: 9fa64238b625748523e5f5e8591434cd
    
      These files will be moved into
      ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon.
    
    
    For not yet released architectures please refer to the appropriate
    directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
    
    - -- 
    - ----------------------------------------------------------------------------
    For apt-get: deb http://security.debian.org/ stable 
    updates
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    -----BEGIN PGP SIGNATURE-----
    Version: 2.6.3ia
    Charset: noconv
    
    iQB1AwUBOBd/VqjZR/ntlUftAQEDaQL/U4xUvtW84sRPjrXQS1kqEE0nyUBqEM8b
    T0lVB68/OS1hiwMXAV/oVnBvBnoGSuX0nqA54fcwEBbeagHf7q2/aY/E1C7vPdSU
    SrgcxGwjA66YomkzkfBNLHosSMitKE/F
    =cEQe
    -----END PGP SIGNATURE-----
    
    

    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"25","type":"x","order":"1","pct":54.35,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":10.87,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"16","type":"x","order":"3","pct":34.78,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.