1 files changed, 0 insertions, 130 deletions
diff --git a/share/security/advisories/FreeBSD-SA-06:15.ypserv.asc b/share/security/advisories/FreeBSD-SA-06:15.ypserv.asc
deleted file mode 100644
index 942010338d..0000000000
--- a/share/security/advisories/FreeBSD-SA-06:15.ypserv.asc
+++ /dev/null
@@ -1,130 +0,0 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
-=============================================================================
-FreeBSD-SA-06:15.ypserv                                     Security Advisory
-                                                          The FreeBSD Project
-
-Topic:          Inoperative access controls in ypserv(8)
-
-Category:       core
-Module:         ypserv
-Announced:      2006-05-31
-Credits:        Hokan
-Affects:        All FreeBSD 5.x and FreeBSD 6.x releases
-Corrected:      2006-05-31 22:31:21 UTC (RELENG_6, 6.1-STABLE)
-                2006-05-31 22:31:42 UTC (RELENG_6_1, 6.1-RELEASE-p1)
-                2006-05-31 22:32:04 UTC (RELENG_6_0, 6.0-RELEASE-p8)
-                2006-05-31 22:32:22 UTC (RELENG_5, 5.5-STABLE)
-                2006-05-31 22:32:49 UTC (RELENG_5_5, 5.5-RELEASE-p1)
-                2006-05-31 22:33:17 UTC (RELENG_5_4, 5.4-RELEASE-p15)
-                2006-05-31 22:33:41 UTC (RELENG_5_3, 5.3-RELEASE-p30)
-CVE Name:       CVE-2006-2655
-
-For general information regarding FreeBSD Security Advisories,
-including descriptions of the fields above, security branches, and the
-following sections, please visit
-<URL:http://www.freebsd.org/security/>.
-
-I.   Background
-
-The ypserv(8) utility is a server which distributes NIS databases to client
-systems within an NIS domain.
-
-II.  Problem Description
-
-There are two documented methods of restricting access to NIS maps through
-ypserv(8): through the use of the /var/yp/securenets file, and through the
-/etc/hosts.allow file.  While both mechanisms are implemented in the server,
-a change in the build process caused the "securenets" access restrictions
-to be inadvertantly disabled.
-
-III. Impact
-
-ypserv(8) will not load or process any of the networks or hosts specified in
-the /var/yp/securenets file, rendering those access controls ineffective.
-
-IV.  Workaround
-
-One possible workaround is to use /etc/hosts.allow for access control, as
-shown by examples in that file.
-
-Another workaround is to use a firewall (e.g., ipfw(4), ipf(4), or pf(4))
-to limit access to RPC functions from untrusted systems or networks, but
-due to the complexities of RPC, it might be difficult to create a set of
-firewall rules which accomplish this without blocking all access to the
-machine in question.
-
-V.   Solution
-
-Perform one of the following:
-
-1) Upgrade your vulnerable system to 5-STABLE or 6-STABLE, or to the
-RELENG_6_1, RELENG_6_0, RELENG_5_5, RELENG_5_4, or RELENG_5_3 security
-branch dated after the correction date.
-
-2) To patch your present system:
-
-The following patches have been verified to apply to FreeBSD 5.3, 5.4,
-5.5, 6.0, and 6.1 systems.
-
-a) Download the relevant patch from the location below, and verify the
-detached PGP signature using your PGP utility.
-
-# fetch http://security.FreeBSD.org/patches/SA-06:15/ypserv.patch
-# fetch http://security.FreeBSD.org/patches/SA-06:15/ypserv.patch.asc
-
-b) Execute the following commands as root:
-
-# cd /usr/src
-# patch < /path/to/patch
-# cd /usr/src/usr.sbin/ypserv
-# make obj && make depend && make && make install
-
-VI.  Correction details
-
-The following list contains the revision numbers of each file that was
-corrected in FreeBSD.
-
-Branch                                                           Revision
-  Path
-- -------------------------------------------------------------------------
-RELENG_5
-  src/usr.sbin/ypserv/yp_access.c                                1.22.6.1
-RELENG_5_5
-  src/UPDATING                                             1.342.2.35.2.1
-  src/sys/conf/newvers.sh                                   1.62.2.21.2.3
-  src/usr.sbin/ypserv/yp_access.c                               1.22.18.1
-RELENG_5_4
-  src/UPDATING                                            1.342.2.24.2.24
-  src/sys/conf/newvers.sh                                  1.62.2.18.2.20
-  src/usr.sbin/ypserv/yp_access.c                               1.22.10.1
-RELENG_5_3
-  src/UPDATING                                            1.342.2.13.2.33
-  src/sys/conf/newvers.sh                                  1.62.2.15.2.35
-  src/usr.sbin/ypserv/yp_access.c                                1.22.8.1
-RELENG_6
-  src/usr.sbin/ypserv/yp_access.c                               1.22.12.1
-RELENG_6_1
-  src/UPDATING                                             1.416.2.22.2.3
-  src/sys/conf/newvers.sh                                   1.69.2.11.2.3
-  src/usr.sbin/ypserv/yp_access.c                               1.22.16.1
-RELENG_6_0
-  src/UPDATING                                             1.416.2.3.2.13
-  src/sys/conf/newvers.sh                                    1.69.2.8.2.9
-  src/usr.sbin/ypserv/yp_access.c                               1.22.14.1
-- -------------------------------------------------------------------------
-
-VII. References
-
-http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2655
-
-The latest revision of this advisory is available at
-http://security.FreeBSD.org/advisories/FreeBSD-SA-06:15.ypserv.asc
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.3 (FreeBSD)
-
-iD8DBQFEfhuUFdaIBMps37IRAhH5AJ9cpTLcR+aWSRPUa1zUDYThhKDqowCggYr1
-4OyjFHW/C+NB9nMIX8Wf7IE=
-=NNUN
------END PGP SIGNATURE-----