CVE-2002-1199

The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.

Date published : 2004-09-01

http://www.securityfocus.com/bid/5937

http://marc.info/?l=bugtraq&m=103426842025029&w=2