Gentoo: ypserv Remote denial of service
ypserv NIS server before 2.7 allows remote attackers to cause a denialof service via a TCP client request that does not respond to the server,which causes ypserv to block.
Summary
- - --------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200307-04 - - ---------------------------------------------------------------------
- - ---------------------------------------------------------------------
quote from CVE:
"ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block."
SOLUTION
It is recommended that all Gentoo Linux users who are running net-nds/ypserv upgrade to ypserv-2.8 as follows
emerge sync emerge ypserv emerge clean
- - --------------------------------------------------------------------- aliz@gentoo.org - GnuPG key is available at - - ---------------------------------------------------------------------
Resolution
References
Availability
Concerns
Severity
PACKAGE : ypserv
SUMMARY : denial of service
DATE : 2003-07-11 14:27 UTC
EXPLOIT : remote
VERSIONS AFFECTED : =ypserv-2.8
CVE : CAN-2003-0251
