Bug 15198 - ypbind binds to unlisted server
ypbind binds to unlisted server
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: ypbind (Show other bugs)
6.2
i386 Linux
low Severity medium
: ---
: ---
Assigned To: Florian La Roche
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-08-02 21:05 EDT by Ian Mortimer
Modified: 2008-05-01 11:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-08-02 21:05:57 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Ian Mortimer 2000-08-02 21:05:55 EDT
RedHat 6.2: ypbind will bind to a server not listed in /etc/yp.conf
and not listed in /etc/hosts.   This creates a security hole whereby
someone on the same network could set up a NIS server and 
wait for a machine to bind to it.  

Ian
Comment 1 Florian La Roche 2000-08-07 10:10:34 EDT
the current package in the rawhide release doesn't use broadcasts per default,
so this should
be fixed now.

Florian La Roche

Note You need to log in before you can comment on or make changes to this bug.