Bugtraq mailing list archives

Re: CERT Advisory CA-97.26 - statd

From: mrg () ETERNA COM AU (matthew green)
Date: Tue, 9 Dec 1997 16:08:01 +1100


just an update for NetBSD on this issue:

   CERT* Advisory CA-97.26
   Topic: Buffer Overrun Vulnerability in statd(1M) Program
   [ ... ]

   The NetBSD project
   ==================

   NetBSD is not vulnerable to the statd buffer overflow. It does not ship
   with NFS locking programs (statd/lockd).

NetBSD 1.3 does (will :-) ship with rpc.statd and rpc.lockd.  they have no
known vulnerabilities.  auscert have already updated their advisory.



.mrg.

Current thread:

CERT Advisory CA-97.26 - statd Aleph One (Dec 05)
- Re: CERT Advisory CA-97.26 - statd matthew green (Dec 08)
- FreeBSD Security Advisory: FreeBSD-SA-97:06.f00f Aleph One (Dec 09)