Lucene search
DebianDEBIAN:DLA-108-1:DE844HistoryDec 13, 2014 - 11:34 a.m.
[SECURITY] [DLA 108-1] nfs-utils security update
2014-12-1311:34:15
lists.debian.org
6
6.7 Medium
AI Score
Confidence
Low
Package : nfs-utils
Version : 1:1.2.2-4squeeze3
CVE ID : CVE-2012-3541
In the past, rpc.statd posted SM_NOTIFY requests using the same socket it
used for sending downcalls to the kernel. To receive replies from remote
hosts, the socket was bound to INADDR_ANY. To prevent unwanted data
injection, bind this socket to the loopback address.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 6 | amd64 | nfs-kernel-server | < 1:1.2.2-4squeeze3 | nfs-kernel-server_1:1.2.2-4squeeze3_amd64.deb |
| Debian | 6 | i386 | nfs-common | < 1:1.2.2-4squeeze3 | nfs-common_1:1.2.2-4squeeze3_i386.deb |
| Debian | 6 | amd64 | nfs-common | < 1:1.2.2-4squeeze3 | nfs-common_1:1.2.2-4squeeze3_amd64.deb |
| Debian | 6 | i386 | nfs-kernel-server | < 1:1.2.2-4squeeze3 | nfs-kernel-server_1:1.2.2-4squeeze3_i386.deb |
| Debian | 6 | all | nfs-utils | < 1:1.2.2-4squeeze3 | nfs-utils_1:1.2.2-4squeeze3_all.deb |
Related
cvelist
cvelist
CVE-2012-3541
1976-01-01 00:00:00
nessus
nessus
Debian DLA-108-1 : nfs-utils security update
2015-03-26 00:00:00
RHEL 7 : rpcbind (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 6 : rpcbind (Unpatched Vulnerability)
2024-06-03 00:00:00
cve
cve
CVE-2012-3541
2015-02-24 11:59:00
nvd
nvd
CVE-2012-3541
2015-02-24 11:59:00