1. Topic:
The ypserv package, which contains the ypserv NIS server
and the yppasswdd password-change server, has been discovered
to have security holes.
2. Problem description:
With ypserv, local administrators in the NIS domain could
possibly inject password tables. In rpc.yppasswdd, users
could change the GECOS field and login shell of other users, and
there is a buffer overflow in the MD5 hash generation.
It is recommended that all users of the ypserv package upgrade
to the new packages.
3. Bug IDs fixed: (see bugzilla for more information)
4. Relevant releases/architectures:
Red Hat Linux 6.1, all architectures
5. Obsoleted by:
None
6. Conflicts with:
None
7. RPMs required:
Intel:
ftp://updates.redhat.com/6.1/en/os/i386/
ypserv-1.3.9-1.i386.rpm
Alpha:
ftp://updates.redhat.com/6.0/en/os/alpha
ypserv-1.3.9-1.alpha.rpm
SPARC:
ftp://updates.redhat.com/6.0/en/os/sparc
ypserv-1.3.9-1.sparc.rpm
Source:
ftp://updates.redhat.com/6.1/en/os/SRPMS
ypserv-1.3.9-1.src.rpm
8. Solution:
For each RPM for your particular architecture, run:
rpm -Uvh filename
where filename is the name of the RPM.
Then, restart ypserv:
/etc/rc.d/init.d/ypserv restart
9. Verification:
MD5 sum Package Name
-------------------------------------------------------------------------
c1a566b7535bb51e25d9c1743f822682 ypserv-1.3.9-1.i386.rpm
a8f5a82d450ddb2b42068537859c18ae ypserv-1.3.9-1.alpha.rpm
6759503c9cc688bcd1902f6511ecc60a ypserv-1.3.9-1.sparc.rpm
f7e8b5a241c4e873822c83be2f0cf566 ypserv-1.3.9-1.src.rpm
These packages are GPG signed by Red Hat, Inc. for security. Our key
is available at:
http://www.redhat.com/about/contact.html
You can verify each package with the following command:
rpm --checksig filename
If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
rpm --checksig --nogpg filename
Note that you need RPM >= 3.0 to check GnuPG keys.
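The solution and verification steps above, combined into one script as an added example (not part of the advisory): each downloaded RPM is compared against the MD5 table from section 9 and checked with rpm --checksig before rpm -Uvh runs. The script name verify_ypserv.sh and the sample file used in the comments are assumptions; the hash table is copied from the advisory.

```shell
#!/bin/sh
# Added example: verify the ypserv-1.3.9-1 RPMs against the MD5 sums published
# in the advisory, then check the Red Hat GPG signature, then install.
# Table copied from section 9 of the advisory (digest, file name).
EXPECTED_MD5='
c1a566b7535bb51e25d9c1743f822682 ypserv-1.3.9-1.i386.rpm
a8f5a82d450ddb2b42068537859c18ae ypserv-1.3.9-1.alpha.rpm
6759503c9cc688bcd1902f6511ecc60a ypserv-1.3.9-1.sparc.rpm
f7e8b5a241c4e873822c83be2f0cf566 ypserv-1.3.9-1.src.rpm
'

# Print the advisory's MD5 digest for a package file name; empty if unlisted.
lookup_expected() {
    printf '%s\n' "$EXPECTED_MD5" | awk -v name="$1" '$2 == name { print $1 }'
}

# Return 0 when the file's md5sum equals the expected digest, 1 otherwise.
# An empty expected digest (package not in the table) always fails.
check_md5() {
    file=$1; expected=$2
    actual=$(md5sum "$file" | cut -d' ' -f1)
    [ -n "$expected" ] && [ "$actual" = "$expected" ]
}

# Verify one RPM: advisory MD5 first, then the GPG signature, then upgrade.
verify_and_install() {
    file=$1
    expected=$(lookup_expected "$(basename "$file")")
    if ! check_md5 "$file" "$expected"; then
        echo "REJECT $file: md5 mismatch or not listed in advisory" >&2
        return 1
    fi
    # Full --checksig (no --nogpg) so the Red Hat signature is checked too;
    # this needs RPM >= 3.0 and the Red Hat public key available to rpm.
    if ! rpm --checksig "$file"; then
        echo "REJECT $file: rpm --checksig failed" >&2
        return 1
    fi
    rpm -Uvh "$file"
}

# Usage: sh verify_ypserv.sh ypserv-1.3.9-1.i386.rpm [more RPMs]
if [ "$#" -gt 0 ]; then
    status=0
    for f in "$@"; do verify_and_install "$f" || status=1; done
    # Restart ypserv only if every package passed and was installed.
    if [ "$status" -eq 0 ]; then /etc/rc.d/init.d/ypserv restart; fi
    exit "$status"
fi
```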
10. References:
19991024163423.6665A67B0@Galois.suse.de