NOTICE: This version of the NSF Unidata web site (archive.unidata.ucar.edu) is no longer being updated.
Current content can be found at unidata.ucar.edu.
To learn about what's going on, see About the Archive Site.
NOTICE: This version of the NSF Unidata web site (archive.unidata.ucar.edu) is no longer being updated.
Current content can be found at unidata.ucar.edu.
To learn about what's going on, see About the Archive Site.
Steve,
Here is the CERT url:
http://www.cert.org/advisories/CA-2003-10.html
I believe that it will affect ldm, as it is statically linked to libnsl,
at least on Suns.
Tom
-----------------------------------------------------------------------------
Tom McDermott Email: tmcderm@xxxxxxxxxxxxxxxxx
Systems Administrator Phone: (585) 395-5718
Earth Sciences Dept. Fax: (585) 395-2416
SUNY College at Brockport
On Thu, 20 Mar 2003, Steve Emmerson wrote:
> Gilbert,
>
> >Date: Wed, 19 Mar 2003 16:35:45 -0600 (CST)
> >From: Gilbert Sebenste <sebenste@xxxxxxxxxxxxxxxxxxxxx>
> >To: ldm-users@xxxxxxxxxxxxxxxx
> >Subject: RPC bug
>
> The above message contained the following:
>
> > I haven't seen this on on here yet, so here goes: there is a CERT
> > advisory, CA-2003-10, re: buffer overflow in the RPC libraries,
> > affecting Sun and other vendors. It isn't clear whether there are
> > exploits currently, but this may have a wide impact.
> >
> > Looks like there will be lots of work to do, esp. remaking static
> > applications...does this affect the LDM?
>
> Offhand, I don't know. Send me a URL and I'll take a look.
>
> Regards,
> Steve Emmerson <http://www.unidata.ucar.edu>
>
ldm-users archives: