|Category:||FreeBSD Local Security Checks|
|Title:||FreeBSD Security Advisory (FreeBSD-SA-06:15.ypserv.asc)|
|Summary:||FreeBSD Security Advisory (FreeBSD-SA-06:15.ypserv.asc)|
|Description:||The remote host is missing an update to the system|
as announced in the referenced advisory FreeBSD-SA-06:15.ypserv.asc
The ypserv(8) utility is a server which distributes NIS databases to client
systems within an NIS domain.
There are two documented methods of restricting access to NIS maps through
ypserv(8): through the use of the /var/yp/securenets file, and through the
/etc/hosts.allow file. While both mechanisms are implemented in the server,
a change in the build process caused the securenets access restrictions
to be inadvertantly disabled.
Upgrade your system to the appropriate stable release
or security branch dated after the correction date
Common Vulnerability Exposure (CVE) ID: CVE-2006-2655|
FreeBSD Security Advisory: FreeBSD-SA-06:15
BugTraq ID: 18204
XForce ISS Database: freebsd-ypserv-security-bypass(26792)
|Copyright||Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com|
|This is only one of 40037 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.