[5761] in bugtraq
Re: CERT Advisory CA-97.26 - statd
daemon@ATHENA.MIT.EDU (matthew green)
Tue Dec 9 16:35:25 1997
Date: Tue, 9 Dec 1997 16:08:01 +1100
Reply-To: mrg@ETERNA.COM.AU
From: matthew green <mrg@ETERNA.COM.AU>
X-To: cert-advisory-request@cert.org
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Fri, 05 Dec 1997 18:39:36 MDT."
<Pine.SUN.3.94.971205183936.13176L@dfw.dfw.net>
just an update for NetBSD on this issue:
CERT* Advisory CA-97.26
Topic: Buffer Overrun Vulnerability in statd(1M) Program
[ ... ]
The NetBSD project
==================
NetBSD is not vulnerable to the statd buffer overflow. It does not ship
with NFS locking programs (statd/lockd).
NetBSD 1.3 does (will :-) ship with rpc.statd and rpc.lockd. they have no
known vulnerabilities. auscert have already updated their advisory.
.mrg.
