Lucene search
RedHatRHSA-2002:224HistoryFeb 06, 2003 - 12:00 a.m.
(RHSA-2002:224) ypserv security update
2003-02-0600:00:00
access.redhat.com
17
EPSS
0.037
Percentile
91.9%
ypserv is an NIS authentication server. ypserv versions before 2.5 contain
a memory leak that can be triggered remotely.
When someone requests a map that doesn’t exist, a previous mapname may be
leaked. This happens, for instance, if you run “ypmatch foo
aaaaaaaaaaaaaaaaaaaa”. Repeated runs will result in the yp server using
more and more memory, and running more slowly. It could also result in
ypserv being killed due to the system being out of memory.
This errata updates Red Hat Advanced Server 2.1 to a patched version of
ypserv that doesn’t have the memory leak.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | ia64 | ypserv | < 1.3.12-2.AS21 | ypserv-1.3.12-2.AS21.ia64.rpm |
| RedHat | any | i386 | ypserv | < 1.3.12-2.AS21 | ypserv-1.3.12-2.AS21.i386.rpm |
Related
openvas
openvas
Debian: Security Advisory (DSA-180)
2008-01-17 00:00:00
Debian Security Advisory DSA 180-1 (nis)
2008-01-17 00:00:00
osv
osv
nis - information leak
2002-10-21 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : ypserv (MDKSA-2002:078)
2004-07-31 00:00:00
Debian DSA-180-1 : nis - information leak
2004-09-29 00:00:00
RHEL 2.1 : ypserv (RHSA-2002:224)
2004-07-06 00:00:00
cvelist
cvelist
CVE-2002-1232
2004-09-01 04:00:00
debiancve
debiancve
CVE-2002-1232
2004-09-01 04:00:00
cve
cve
CVE-2002-1232
2004-09-01 04:00:00
nvd
nvd
CVE-2002-1232
2002-11-04 05:00:00