-------------------------------------------------------------------------- Debian Security Advisory DSA 180-1 security@debian.org http://www.debian.org/security/ Martin Schulze October 21st, 2002 http://www.debian.org/security/faq -------------------------------------------------------------------------- Package : nis Vulnerability : information leak Problem-Type : remote Debian-specific: no Thorsten Kukuck discovered a problem in the ypserv program which is part of the Network Information Services (NIS). A memory leak in all versions of ypserv prior to 2.5 is remotely exploitable. When a malicious user could request a non-existing map the server will leak parts of an old domainname and mapname.
NOTE: In the 2.x line tcp-wrappers support has been removed.