libnis vuls, Sun 5.5.1 extract_secret() | D | 85 | publickey.c | overflows buffer with *raw.. at very top.. probability is high getkeys_nis() | D | 140 | publickey.c | overflows the key with a value too big.. yp_match() must return no errors for this to succeed.. so I think if they are on a legit server, the probability is high, otherwise.. we'll say average/moderate getpublickey() | D | 421 | publickey.c | calls getkeys_nis() (see above).. __nsw_getconfig() succeeding is probably for the better.. but it might not need to succeed.. it doesn't return or anything.. just uses a default list. probability is probably moderate/average to high getsecretkey() | U | 481 | publickey.c | calls getkeys_nis() (see above).. same probability as getpublickey() (see above)