Mandrake Linux Security Advisory : ypserv (MDKSA-2003:072)
Medium Nessus Plugin ID 14055
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionA vulnerability was found in versions of ypserv prior to version 2.7.
If a malicious client were to query ypserv via TCP and subsequently ignore the server's response, ypserv will block attempting to send the reply. The result is that ypserv will fail to respond to other client requests. ypserv 2.7 and above have been altered to fork a child for each client request, which prevents any one request from causing the server to block.
SolutionUpdate the affected ypserv package.