drucken bookmarks versenden konfigurieren admin pdf Sicherheit: DoS-Attacke auf ypserv
| Name: |
DoS-Attacke auf ypserv
|
|
| ID: |
200307-04 |
|
| Distribution: |
Gentoo |
|
| Plattformen: |
Keine Angabe |
|
| Datum: |
Fr, 11. Juli 2003, 13:00 |
|
| Referenzen: |
Keine Angabe |
|
| Applikationen: |
ypserv |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200307-04
--------------------------------------------------------------------
PACKAGE : ypserv
SUMMARY : denial of service
DATE : 2003-07-11 14:27 UTC
EXPLOIT : remote
VERSIONS AFFECTED : <ypserv-2.8
FIXED VERSION : >=ypserv-2.8
CVE : CAN-2003-0251
--------------------------------------------------------------------
quote from CVE:
"ypserv NIS server before 2.7 allows remote attackers to cause a denial
of service via a TCP client request that does not respond to the server,
which causes ypserv to block."
SOLUTION
It is recommended that all Gentoo Linux users who are running
net-nds/ypserv upgrade to ypserv-2.8 as follows
emerge sync
emerge ypserv
emerge clean
--------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at http://dev.gentoo.org/~aliz
--------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/DslAfT7nyhUpoZMRAlifAKCJuEv32S1Tsb5ErNVsfHrkxcmIuACfa8Fo
avi3km4Y6pngjxw9QCPcSHs=
=o3G/
-----END PGP SIGNATURE-----
|
|
|
|
