Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-4135HistorySep 05, 2007 - 1:17 a.m.
CVE-2007-4135
2007-09-0501:17:00
Debian Security Bug Tracker
security-tracker.debian.org
8
6.2 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
29.7%
The NFSv4 ID mapper (nfsidmap) before 0.17 does not properly handle return values from the getpwnam_r function when performing a username lookup, which can cause it to report a file as being owned by “root” instead of “nobody” if the file exists on the server but not on the client.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | libnfsidmap | < 0.18-0 | libnfsidmap_0.18-0_all.deb |
| Debian | 10 | all | libnfsidmap | < 0.18-0 | libnfsidmap_0.18-0_all.deb |
Related
securityvulns
securityvulns
libnfsidmap / NFS privilege escalation
2007-12-12 00:00:00
[ MDKSA-2007:240 ] - Updated libnfsidmap packages fix username lookup flaw
2007-12-12 00:00:00
cve
cve
CVE-2007-4135
2007-09-05 01:17:00
nessus
nessus
Mandrake Linux Security Advisory : libnfsidmap (MDKSA-2007:240)
2007-12-11 00:00:00
RHEL 5 : nfs-utils-lib (RHSA-2007:0951)
2007-10-03 00:00:00
Scientific Linux Security Update : nfs-utils-lib on SL5.x i386/x86_64
2012-08-01 00:00:00
prion
prion
Code injection
2007-09-05 01:17:00
ubuntucve
ubuntucve
CVE-2007-4135
2007-09-05 00:00:00
openvas
openvas
Mandriva Update for libnfsidmap MDKSA-2007:240 (libnfsidmap)
2009-04-09 00:00:00
Mandriva Update for libnfsidmap MDKSA-2007:240 (libnfsidmap)
2009-04-09 00:00:00
oraclelinux
oraclelinux
Important: nfs-utils-lib security update
2007-10-02 00:00:00
redhat
redhat
(RHSA-2007:0951) Important: nfs-utils-lib security update
2007-10-02 00:00:00
centos
centos
nfs security update
2007-10-03 06:03:16
6.2 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
29.7%
Related for DEBIANCVE:CVE-2007-4135