|
|
Info |
Last Modified |
| 5 months ago |
|
|
|
|
Description |
FreeBSD contains a flaw that may allow "securenets" access restrictions to be inadvertantly disabled. The issue is triggered when a change in the build process caused ypserv to fail to load or process the networks and hosts specified in the /var/yp/securenets file. It is possible that the flaw may allow access to NIS maps resulting in a loss of integrity.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Misconfiguration
Impact:
Loss of Integrity
Exploit:
Exploit Unavailable
Disclosure:
OSVDB Verified
|
|
Solution |
Upgrade to version 5-STABLE or 6-STABLE, or to the RELENG_6_1, RELENG_6_0, RELENG_5_5, RELENG_5_4, or RELENG_5_3 security branch dated after the correction date or higher, as it has been reported to fix this vulnerability. In addition, FreeBSD has released a patch for some older versions. It is also possible to correct the flaw by implementing the following workaround: use /etc/hosts.allow for access control or configure a firewall to restrict access.
|
|
Products |
|
FreeBSD
 |
5.3 |
5.4 |
6.0 |
5.5 |
6.1 |
|
|
|
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
