pcnfs.d contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered during normal operation when file permissions are changed on a symbolic link to a restricted directory. The impact is that directories can become world writable.
A command execution flaw exists in rpc.ypupdated. The update daemon fails to validate data passed to a MAP UPDATE request. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.
The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO
warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright
holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.