Red Hat Bugzilla – Bug 15198
ypbind binds to unlisted server
Last modified: 2008-05-01 11:37:57 EDT
RedHat 6.2: ypbind will bind to a server not listed in /etc/yp.conf
and not listed in /etc/hosts. This creates a security hole whereby
someone on the same network could set up a NIS server and
wait for a machine to bind to it.
the current package in the rawhide release doesn't use broadcasts per default,
so this should
be fixed now.
Florian La Roche