Debian Security Advisory
nis -- local exploit
- Date Reported:
- 14 Oct 2000
- Affected Packages:
- nis
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2000-1040.
- More information:
-
The version of nis as distributed in Debian GNU/Linux 2.1 and 2.2
contains a ypbind package with a security problem.
ypbind is used to request information from a nis server which is then used by the local machine. The logging code in ypbind was vulnerable to a printf formatting attack which can be exploited by passing ypbind a carefully crafted request. This way ypbind can be made to run arbitrary code as root.
This has been fixed in version 3.5-2.1 for Debian GNU/Linux 2.1 and version 3.8-0.1 for Debian GNU/Linux 2.2.
Note: At this moment, slink security updates for alpha and sparc are no longer being made. Support for i386 and m68k will continue until the end of this month.
- Fixed in:
-
Debian GNU/Linux 2.1 (slink)
- Source:
- http://security.debian.org/dists/slink/updates/source/nis_3.5-2.1.diff.gz
- http://security.debian.org/dists/slink/updates/source/nis_3.5-2.1.dsc
- http://security.debian.org/dists/slink/updates/source/nis_3.5.orig.tar.gz
- http://security.debian.org/dists/slink/updates/source/nis_3.5-2.1.dsc
- Intel IA32:
- http://security.debian.org/dists/slink/updates/binary-i386/nis_3.5-2.1_i386.deb
- Motorola 680x0:
- http://security.debian.org/dists/slink/updates/binary-m68k/nis_3.5-2.1_m68k.deb
Debian GNU/Linux 2.2 (potato)
- Source:
- http://security.debian.org/dists/potato/updates/main/source/nis_3.8-0.1.diff.gz
- http://security.debian.org/dists/potato/updates/main/source/nis_3.8-0.1.dsc
- http://security.debian.org/dists/potato/updates/main/source/nis_3.8.orig.tar.gz
- http://security.debian.org/dists/potato/updates/main/source/nis_3.8-0.1.dsc
- Alpha:
- http://security.debian.org/dists/potato/updates/main/binary-alpha/nis_3.8-0.1_alpha.deb
- ARM:
- http://security.debian.org/dists/potato/updates/main/binary-arm/nis_3.8-0.1_arm.deb
- Intel IA32:
- http://security.debian.org/dists/potato/updates/main/binary-i386/nis_3.8-0.1_i386.deb
- Motorola 680x0:
- http://security.debian.org/dists/potato/updates/main/binary-m68k/nis_3.8-0.1_m68k.deb
- PowerPC:
- http://security.debian.org/dists/potato/updates/main/binary-powerpc/nis_3.8-0.1_powerpc.deb
- Sun SPARC:
- http://security.debian.org/dists/potato/updates/main/binary-sparc/nis_3.8-0.1_sparc.deb