Steve,
Here is the CERT url:
http://www.cert.org/advisories/CA-2003-10.html
I believe that it will affect ldm, as it is statically linked to libnsl,
at least on Suns.
Tom
-----------------------------------------------------------------------------
Tom McDermott Email: tmcderm@xxxxxxxxxxxxxxxxx
Systems Administrator Phone: (585) 395-5718
Earth Sciences Dept. Fax: (585) 395-2416
SUNY College at Brockport
On Thu, 20 Mar 2003, Steve Emmerson wrote:
> Gilbert,
>
> >Date: Wed, 19 Mar 2003 16:35:45 -0600 (CST)
> >From: Gilbert Sebenste <sebenste@xxxxxxxxxxxxxxxxxxxxx>
> >To: ldm-users@xxxxxxxxxxxxxxxx
> >Subject: RPC bug
>
> The above message contained the following:
>
> > I haven't seen this on on here yet, so here goes: there is a CERT
> > advisory, CA-2003-10, re: buffer overflow in the RPC libraries,
> > affecting Sun and other vendors. It isn't clear whether there are
> > exploits currently, but this may have a wide impact.
> >
> > Looks like there will be lots of work to do, esp. remaking static
> > applications...does this affect the LDM?
>
> Offhand, I don't know. Send me a URL and I'll take a look.
>
> Regards,
> Steve Emmerson <http://www.unidata.ucar.edu>
>
