Mandrake Linux Security Advisory : ypserv (MDKSA-2002:078)

Medium Nessus Plugin ID 13976


The remote Mandrake Linux host is missing a security update.


A memory leak that could be triggered remotely was discovered in ypserv 2.5 and earlier. This could lead to a Denial of Service as repeated requests for a non-existent map will result in ypserv consuming more and more memory, and also running more slowly. If the system runs out of available memory, ypserv would also be killed.


Update the affected ypserv package.

Plugin Details

Severity: Medium

ID: 13976

File Name: mandrake_MDKSA-2002-078.nasl

Version: $Revision: 1.15 $

Type: local

Published: 2004/07/31

Modified: 2015/09/14

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:ypserv, cpe:/o:mandrakesoft:mandrake_linux:7.2, cpe:/o:mandrakesoft:mandrake_linux:8.0, cpe:/o:mandrakesoft:mandrake_linux:8.1, cpe:/o:mandrakesoft:mandrake_linux:8.2, cpe:/o:mandrakesoft:mandrake_linux:9.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2002/11/18

Reference Information

CVE: CVE-2002-1232

MDKSA: 2002:078