COMMAND

    ypserv

SYSTEMS AFFECTED

    All (?) Linux distributions using the ypserv package prior to 1.3.9

PROBLEM

    The following is based on the SuSE Security Announcement.  The
    package ypserv is the former "yellow pages", now called the NIS
    information service, which is used e.g. for central network user
    account management.  Several vulnerabilities exist: ypserv prior to
    1.3.9 allows an administrator in the NIS domain to inject password
    tables; rpc.yppasswd prior to 1.3.6.92 has a buffer overflow in the
    md5 hash generation [SuSE Linux is unaffected by this, other Linux
    flavors are]; rpc.yppasswdd prior to 1.3.9 allows users to change
    the GECOS and login shell values of other users.

    If administrator access to one server in the NIS domain is
    compromised, access to the whole domain can be achieved.  On some
    Linux distributions other than SuSE, the rpc.yppasswdd service may
    halt unexpectedly.  It is theoretically possible to execute
    arbitrary code on these systems too.  User information can be
    changed and restricted accounts opened.
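    The following is an added check, not part of the original advisory
    or of the ypserv package: a small POSIX sh helper that tells whether
    an installed ypserv / rpc.yppasswdd version predates the fixed
    releases named above.  It assumes rpm-style version strings such as
    "ypserv-1.3.9-0"; the Debian "nis" package uses its own numbering
    (3.5-2 in this advisory), so the thresholds below do not map to it.

```shell
#!/bin/sh
# Added example (not from the advisory): decide whether an installed
# ypserv / rpc.yppasswdd predates the fixed versions named in the text.
# Versions are compared component-wise as integers, so 1.3.10 > 1.3.9 and
# 1.3.6.92 < 1.3.9 come out right where a plain string compare would not.

# version_lt A B : exit 0 (true) if dotted version A is older than B.
version_lt() {
    a="$1" b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        # Take the next numeric component of each; a missing component is 0.
        ac="${a%%.*}"; [ "$ac" = "$a" ] && a="" || a="${a#*.}"
        bc="${b%%.*}"; [ "$bc" = "$b" ] && b="" || b="${b#*.}"
        ac="${ac:-0}"; bc="${bc:-0}"
        [ "$ac" -lt "$bc" ] && return 0
        [ "$ac" -gt "$bc" ] && return 1
    done
    return 1   # versions are equal, so A is not older than B
}

# ypserv_affected VERSION : true if ypserv is older than 1.3.9
# (password-table injection and GECOS/shell change issues).
ypserv_affected() { version_lt "$1" 1.3.9; }

# yppasswdd_overflow_affected VERSION : true if rpc.yppasswd is older than
# 1.3.6.92 (the md5 hash generation buffer overflow).
yppasswdd_overflow_affected() { version_lt "$1" 1.3.6.92; }

# rpm_version NAME-VER-REL : strip the package name and release from an
# rpm-style string such as "ypserv-1.3.9-0", leaving "1.3.9".
rpm_version() {
    v="${1#ypserv-}"
    echo "${v%%-*}"
}

# Usage on a live rpm-based host (assumed command; not run here):
#   ypserv_affected "$(rpm_version "$(rpm -q ypserv)")" && echo "update ypserv"
```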

SOLUTION

    Update the package from our FTP server.  For SuSE 6.0 users: please
    use the 6.1 version.  The update:

        ftp://ftp.suse.com/pub/suse/i386/update/6.1/n1/ypserv-1.3.9-0.i386.rpm
        ftp://ftp.suse.com/pub/suse/axp/update/6.1/n1/ypserv-1.3.9-0.alpha.rpm
        ftp://ftp.suse.com/pub/suse/i386/update/6.2/n1/ypserv-1.3.9-0.i386.rpm

    Webpage for patches:

        http://www.suse.de/patches/index.html

    Red Hat Linux 4.x:

        ftp://updates.redhat.com/4.2/i386/ypserv-1.3.9-0.4.2.i386.rpm
        ftp://updates.redhat.com/4.2/alpha/ypserv-1.3.9-0.4.2.alpha.rpm
        ftp://updates.redhat.com/4.2/sparc/ypserv-1.3.9-0.4.2.sparc.rpm
        ftp://updates.redhat.com/4.2/SRPMS/ypserv-1.3.9-0.4.2.src.rpm

    Red Hat Linux 5.x:

        ftp://updates.redhat.com/5.2/i386/ypserv-1.3.9-0.5.2.i386.rpm
        ftp://updates.redhat.com/5.2/alpha/ypserv-1.3.9-0.5.2.alpha.rpm
        ftp://updates.redhat.com/5.2/sparc/ypserv-1.3.9-0.5.2.sparc.rpm
        ftp://updates.redhat.com/5.2/SRPMS/ypserv-1.3.9-0.5.2.src.rpm

    Red Hat Linux 6.x:

        ftp://updates.redhat.com/6.1/i386/ypserv-1.3.9-1.i386.rpm
        ftp://updates.redhat.com/6.0/alpha/ypserv-1.3.9-1.alpha.rpm
        ftp://updates.redhat.com/6.0/sparc/ypserv-1.3.9-1.sparc.rpm
        ftp://updates.redhat.com/6.1/SRPMS/ypserv-1.3.9-1.src.rpm

    Debian patches:

        http://security.debian.org/dists/stable/updates/source/nis_3.5-2.diff.gz
        http://security.debian.org/dists/stable/updates/source/nis_3.5-2.dsc
        http://security.debian.org/dists/stable/updates/source/nis_3.5.orig.tar.gz

        http://security.debian.org/dists/stable/updates/binary-alpha/nis_3.5-2_alpha.deb
        http://security.debian.org/dists/stable/updates/binary-i386/nis_3.5-2_i386.deb
        http://security.debian.org/dists/stable/updates/binary-m68k/nis_3.5-2_m68k.deb
        http://security.debian.org/dists/stable/updates/binary-sparc/nis_3.5-2_sparc.deb

    These files will be moved into

        ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/