Lucene search

[email protected]CVE-2008-1376

HistoryAug 01, 2008 - 2:41 p.m.

CVE-2008-1376

2008-08-0114:41:00

CWE-264

[email protected]

web.nvd.nist.gov

red hat

nfs-utils

rhel 5

cve-2008-1376

tcp wrappers

access restriction

remote attackers

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.5%

JSON

A certain Red Hat build script for nfs-utils before 1.0.9-35z.el5_2 on Red Hat Enterprise Linux (RHEL) 5 omits TCP wrappers support, which might allow remote attackers to bypass intended access restrictions.

Affected configurations

NVD

Node

redhatenterprise_linuxMatch5.0client

redhatenterprise_linuxMatch5.0server

AND

redhatnfs_utilsMatch1.0.935z.el5_2

CPENameOperatorVersion
redhat:nfs_utilsredhat nfs utilseq1.0.9

CPE	Name	Operator	Version
redhat:nfs_utils	redhat nfs utils	eq	1.0.9

References

secunia.com/advisories/31322

secunia.com/advisories/35162

www.redhat.com/support/errata/RHSA-2008-0486.html

www.redhat.com/support/errata/RHSA-2009-0955.html

www.securityfocus.com/bid/30466

www.securitytracker.com/id?1020589

exchange.xforce.ibmcloud.com/vulnerabilities/44256

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10638

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.5%

JSON

Related for CVE-2008-1376

nessus6 centos2 openvas5 prion2 cvelist2 nvd2 redhat2 oraclelinux2 veracode1 cve1