Mandrake Linux Security Advisory : ypserv (MDKSA-2002:078)

medium Nessus Plugin ID 13976

Synopsis

The remote Mandrake Linux host is missing a security update.

Description

A memory leak that could be triggered remotely was discovered in ypserv 2.5 and earlier. This could lead to a Denial of Service as repeated requests for a non-existent map will result in ypserv consuming more and more memory, and also running more slowly. If the system runs out of available memory, ypserv would also be killed.

Solution

Update the affected ypserv package.

Plugin Details

Severity: Medium

ID: 13976

File Name: mandrake_MDKSA-2002-078.nasl

Version: 1.18

Type: local

Family: Mandriva Local Security Checks

Published: 7/31/2004

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:ypserv, cpe:/o:mandrakesoft:mandrake_linux:7.2, cpe:/o:mandrakesoft:mandrake_linux:8.0, cpe:/o:mandrakesoft:mandrake_linux:8.1, cpe:/o:mandrakesoft:mandrake_linux:8.2, cpe:/o:mandrakesoft:mandrake_linux:9.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 11/18/2002

Reference Information

CVE: CVE-2002-1232

MDKSA: 2002:078

Detections

Analytics