Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Gentoo: 200401-06 Critical Vulnerability in ypserv Causes Remote DoS

gentoo
Calendar Grey July 11, 2003
Dist Gentoo Esm H88
Gentoo Linux Security Notice regarding ypserv outlines a vulnerability leading to potential denial of service remotely, accompanied by instructions for upgrading.
ypserv NIS server before 2.7 allows remote attackers to cause a denialof service via a TCP client request that does not respond to the server,which causes ypserv to block.

Summary


- - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200307-04
- - ---------------------------------------------------------------------

- - ---------------------------------------------------------------------

quote from CVE:

"ypserv NIS server before 2.7 allows remote attackers to cause a denial
of service via a TCP client request that does not respond to the server,
which causes ypserv to block."

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-nds/ypserv upgrade to ypserv-2.8 as follows

emerge sync
emerge ypserv
emerge clean

- - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at   
- - ---------------------------------------------------------------------

Topics%20covered

Topics Covered

security advisory denial of service gentoo critical ypserv

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
critical
Lowest
Low
Medium
High
Critical

PACKAGE : ypserv
SUMMARY : denial of service
DATE : 2003-07-11 14:27 UTC
EXPLOIT : remote
VERSIONS AFFECTED : =ypserv-2.8
CVE : CAN-2003-0251

Topics%20covered

Topics Covered

security advisory denial of service gentoo critical ypserv

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here