SuSE Linux reveals account management security hole

German distributors warn of "ypserv" account package flaw

A security vulnerability in Linux that could allow restricted accounts to be accessed has been revealed by the distributors of the German SuSE version of the open source operating system.

The fault lies in the package "ypserv" which is a central network account management facility.

Although the latest edition of SuSE Linux is unaffected by this flaw, SuSE recommends that users of older versions of SuSE and other distributions disable this package as soon as possible and contact their vendor for information about upgrading.