Summary
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:15.ypserv.asc
Solution
Upgrade your system to the appropriate stable release or security branch dated after the correction date
https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-06:15.ypserv.asc
Insight
The ypserv(8) utility is a server which distributes NIS databases to client systems within an NIS domain.
There are two documented methods of restricting access to NIS maps through ypserv(8): through the use of the /var/yp/securenets file, and through the /etc/hosts.allow file. While both mechanisms are implemented in the server, a change in the build process caused the securenets access restrictions to be inadvertantly disabled.
Severity
Classification
-
CVE CVE-2006-2655 -
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:N
Related Vulnerabilities