Rapid7 Vulnerability & Exploit Database

RHSA-2003:229: Updated ypserv packages fix various vulnerabilities

Back to Search

RHSA-2003:229: Updated ypserv packages fix various vulnerabilities

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
07/24/2003
Created
07/25/2018
Added
10/28/2005
Modified
07/04/2017

Description

Updated ypserv packages which fix a denial of service (DoS) vulnerability and a memory leak are now available for Red Hat Linux on IBM iSeries and pSeries systems.

The ypserv package contains the Network Information Service (NIS) server. For ypserv versions before 2.5 it was discovered that a memory leak which can be triggered remotely. When someone requests a map that does not exist, a previous mapname may be returned. This happens, for instance, if the command "ypmatch foo aaaaaaaaaaaaaaaaaaaa" is run. Repeatedly running this command will result in the NIS server using more memory and running more slowly. This condition can lead to the killing of the ypserv process due to the system being out of memory. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-1232 to this issue. For ypserv version 2.7 and before, a malicious client can block NIS requests. To do this, the malicious client queries ypserv via TCP and then ignores the server's response. The ypserv daemon will then wait indefinitely for a response from the client indicating it received the message. During this time no other client requests are answered by ypserv, causing a DoS. Versions 2.7 and greater of ypserv have been altered to fork a child process for each client request -- thus preventing any one request from causing a DoS. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0251 to this issue. Red Hat recommends that users of NIS immediately upgrade to the packages contained within this erratum, which are not vulnerable to these

Solution(s)

  • redhat-upgrade-ypserv

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;