Bug 15198 - ypbind binds to unlisted server
Summary: ypbind binds to unlisted server
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: ypbind   
(Show other bugs)
Version: 6.2
Hardware: i386
OS: Linux
low
medium
Target Milestone: ---
Assignee: Florian La Roche
QA Contact:
URL:
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2000-08-03 01:05 UTC by Ian Mortimer
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-08-03 01:05:57 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Ian Mortimer 2000-08-03 01:05:55 UTC
RedHat 6.2: ypbind will bind to a server not listed in /etc/yp.conf
and not listed in /etc/hosts.   This creates a security hole whereby
someone on the same network could set up a NIS server and 
wait for a machine to bind to it.  

Ian

Comment 1 Florian La Roche 2000-08-07 14:10:34 UTC
the current package in the rawhide release doesn't use broadcasts per default,
so this should
be fixed now.

Florian La Roche



Note You need to log in before you can comment on or make changes to this bug.