Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.50984
Kategorie:Red Hat Local Security Checks
Titel:RedHat Security Advisory RHSA-2003:201
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing updates announced in
advisory RHSA-2003:201.

The ypserv package contains the Network Information Service (NIS) server.

A vulnerability has been discovered in the ypserv NIS server prior to
version 2.7. If a malicious client queries ypserv via TCP and subsequently
ignores the server's response, ypserv will block attempting to send the
reply. This results in ypserv failing to respond to other client requests.

Versions 2.7 and above of ypserv have been altered to fork a child for each
client request, thus preventing any one request from causing the server to
block.

Red Hat recommends that users of NIS upgrade to these packages, which
contain version 2.8.0 of ypserv and are therefore not vulnerable to this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2003-201.html
http://www.linux-nis.org/nis/ypserv/ChangeLog

Risk factor : Medium

CVSS Score:
5.0

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2003-0251
BugTraq ID: 8031
http://www.securityfocus.com/bid/8031
HPdes Security Advisory: HPSBTU02132
http://www.securityfocus.com/archive/1/440454/100/0/threaded
HPdes Security Advisory: SSRT061154
http://www.mandriva.com/security/advisories?name=MDKSA-2003:072
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A667
http://www.redhat.com/support/errata/RHSA-2003-173.html
http://www.redhat.com/support/errata/RHSA-2003-201.html
http://securitytracker.com/id?1016517
http://secunia.com/advisories/21112
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F55600&zone_32=category%3Asecurity
TurboLinux Advisory: TLSA-2003-43
http://www.turbolinux.com/security/TLSA-2003-43.txt
http://www.vupen.com/english/advisories/2006/2873
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.