[7795] in bugtraq
Update on Linux unfsd
daemon@ATHENA.MIT.EDU (Olaf Kirch)
Sat Aug 29 21:20:58 1998
Date: Sat, 29 Aug 1998 12:06:15 +0200
Reply-To: Olaf Kirch <okir@MONAD.SWB.DE>
From: Olaf Kirch <okir@MONAD.SWB.DE>
To: BUGTRAQ@NETSPACE.ORG
Hi everybody,
heres an update on the Linux unfsd hole. The problem (as most may
have found out by now looking at the diffs) was a buffer overrun in
the code that was supposed to log failed mount attempts :-/
This means, the bug can be exploited even if your client is not listed
in the exports file.
In the meantime, I have released a fixed version. It's available from
linux.mathematik.tu-darmstadt.de in /pub/linux/people/okir, the file's
called nfs-server-2.2beta36.tar.gz.
I had previously released 2.2beta35, but shortly after I uploaded it
a bug was found in the handling of some mount requests.
Note that the upgrade RPM for Caldera OpenLinux is nfs-server-2.2beta35-2,
available from ftp://ftp.caldera.com/pub/OpenLinux/updates/1.2.
Despite the 35 in the name, it has the aforementioned mount problem
fixed.
Olaf
--
Olaf Kirch | --- o --- Nous sommes du soleil we love when we play
okir@monad.swb.de | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax
okir@caldera.de +-------------------- Why Not?! -----------------------
UNIX, n.: Spanish manufacturer of fire extinguishers.
