Mandrake Linux Security Advisory : ypserv (MDKSA-2003:072)

Medium Nessus Plugin ID 14055


The remote Mandrake Linux host is missing a security update.


A vulnerability was found in versions of ypserv prior to version 2.7.
If a malicious client were to query ypserv via TCP and subsequently ignore the server's response, ypserv will block attempting to send the reply. The result is that ypserv will fail to respond to other client requests. ypserv 2.7 and above have been altered to fork a child for each client request, which prevents any one request from causing the server to block.


Update the affected ypserv package.

See Also

Plugin Details

Severity: Medium

ID: 14055

File Name: mandrake_MDKSA-2003-072.nasl

Version: $Revision: 1.14 $

Type: local

Published: 2004/07/31

Modified: 2013/05/31

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:ypserv, cpe:/o:mandrakesoft:mandrake_linux:8.2, cpe:/o:mandrakesoft:mandrake_linux:9.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2003/06/27

Reference Information

CVE: CVE-2003-0251

MDKSA: 2003:072