Description
The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/25852
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20389
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/26792
Patch, Vendor Advisory vendor-advisory
x_refsource_freebsd
http://security.freebsd.org/advisories/FreeBSD-SA-06:15.ypserv.asc
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/18204
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1016193
Scores
EPSS
0.0044
EPSS Percentile
63.3%
Details
Status
published
Products (4)
freebsd/freebsd
5.3 (4 CPE variants)
freebsd/freebsd
5.4 (5 CPE variants)
freebsd/freebsd
6.0 (3 CPE variants)
freebsd/freebsd
6.1 (3 CPE variants)
Published
Jun 02, 2006
Tracked Since
Feb 18, 2026