NEC Corporation Information for VU#538033

ypxfrd daemon fails to properly validate user supplied arguments in "getdbm" procedure


Not Affected

Vendor Statement

sent on September 24, 2002

[Server Products]

* EWS/UP 48 Series operating system
- is NOT vulnerable, since it does not support ypxfrd(1M).

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.