Bug 15198 - ypbind binds to unlisted server
Summary: ypbind binds to unlisted server
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: ypbind
Version: 6.2
Hardware: i386
OS: Linux
low
medium
Target Milestone: ---
Assignee: Florian La Roche
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2000-08-03 01:05 UTC by Ian Mortimer
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2000-08-03 01:05:57 UTC


Attachments (Terms of Use)

Description Ian Mortimer 2000-08-03 01:05:55 UTC
RedHat 6.2: ypbind will bind to a server not listed in /etc/yp.conf
and not listed in /etc/hosts.   This creates a security hole whereby
someone on the same network could set up a NIS server and 
wait for a machine to bind to it.  

Ian

Comment 1 Florian La Roche 2000-08-07 14:10:34 UTC
the current package in the rawhide release doesn't use broadcasts per default,
so this should
be fixed now.

Florian La Roche



Note You need to log in before you can comment on or make changes to this bug.