---

Linux-Mandrake Security Advisory: Updates: am-utils, ypserv

Date: Fri, 29 Oct 1999 15:31:35 +0000
From: Gael Duval <<a
href=”mailto:[email protected]”>[email protected]>

To: [email protected]

October 29, 1999 SECURITY UPDATE: am-utils

There is a potential buffer overflow / remote exploit in the
am-utils package. Please upgrade to :

919d46ca0a7a93cf5ac6bd72030876ee
am-utils-6.0.1s11-1mdk.i586.rpm
fa81483da16ce5b83f72ab9dd4edaaa1 am-utils-6.0.1s11-1mdk.src.rpm

October 29, 1999 SECURITY UPDATE: ypserv

This package fixes several problems:

– A bug allowed for all admins on a NIS domain to inject
password tables into the NIS server.
– A user on a NIS domain could change the login shell and GECOS
information (real name, etc.) of other users.
– There was a potential buffer overflow in the MD5 hash
generation.

82dfa8f405bbc56ab7baa656fdd8b8d7 ypserv-1.3.9-1mdk.i586.rpm
1f1f2a2f5c5ed7d84a460e446a892a4f ypserv-1.3.9-1mdk.src.rpm

Please upgrade from: http://www.linux-mandrake.com/en/fupdates.php3


< Gael DUVAL – [email protected]
>