7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.018 Low
EPSS
Percentile
86.8%
The nfs-utils package provides a daemon for the kernel NFS server and
related tools.
It was discovered that nfs-utils did not use tcp_wrappers correctly.
Certain hosts access rules defined in โ/etc/hosts.allowโ and
โ/etc/hosts.denyโ may not have been honored, possibly allowing remote
attackers to bypass intended access restrictions. (CVE-2008-4552)
This updated package also fixes the following bugs:
the โLOCKD_TCPPORTโ and โLOCKD_UDPPORTโ options in โ/etc/sysconfig/nfsโ
were not honored: the lockd daemon continued to use random ports. With this
update, these options are honored. (BZ#434795)
it was not possible to mount NFS file systems from a system that has
the โ/etc/โ directory mounted on a read-only file system (this could occur
on systems with an NFS-mounted root file system). With this update, it is
possible to mount NFS file systems from a system that has โ/etc/โ mounted
on a read-only file system. (BZ#450646)
arguments specified by โSTATDARG=โ in โ/etc/sysconfig/nfsโ were removed
by the nfslock init script, meaning the arguments specified were never
passed to rpc.statd. With this update, the nfslock init script no longer
removes these arguments. (BZ#459591)
when mounting an NFS file system from a host not specified in the NFS
serverโs โ/etc/exportsโ file, a misleading โunknown hostโ error was logged
on the server (the hostname lookup did not fail). With this update, a
clearer error message is provided for these situations. (BZ#463578)
the nhfsstone benchmark utility did not work with NFS version 3 and 4.
This update adds support to nhfsstone for NFS version 3 and 4. The new
nhfsstone โ-2โ, โ-3โ, and โ-4โ options are used to select an NFS version
(similar to nfsstat(8)). (BZ#465933)
the exportfs(8) manual page contained a spelling mistake, โdjandoโ, in
the EXAMPLES section. (BZ#474848)
in some situations the NFS server incorrectly refused mounts to hosts
that had a host alias in a NIS netgroup. (BZ#478952)
in some situations the NFS client used its cache, rather than using
the latest version of a file or directory from a given export. This update
adds a new mount option, โlookupcache=โ, which allows the NFS client to
control how it caches files and directories. Note: The Red Hat Enterprise
Linux 5.4 kernel update (the fourth regular update) must be installed in
order to use the โlookupcache=โ option. Also, โlookupcache=โ is currently
only available for NFS version 3. Support for NFS version 4 may be
introduced in future Red Hat Enterprise Linux 5 updates. Refer to Red Hat
Bugzilla #511312 for further information. (BZ#489335)
Users of nfs-utils should upgrade to this updated package, which contains
backported patches to correct these issues. After installing this update,
the nfs service will be restarted automatically.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | i386 | nfs-utils | <ย 1.0.9-42.el5 | nfs-utils-1.0.9-42.el5.i386.rpm |
RedHat | 5 | src | nfs-utils | <ย 1.0.9-42.el5 | nfs-utils-1.0.9-42.el5.src.rpm |
RedHat | 5 | ppc | nfs-utils | <ย 1.0.9-42.el5 | nfs-utils-1.0.9-42.el5.ppc.rpm |
RedHat | 5 | s390x | nfs-utils | <ย 1.0.9-42.el5 | nfs-utils-1.0.9-42.el5.s390x.rpm |
RedHat | 5 | ia64 | nfs-utils | <ย 1.0.9-42.el5 | nfs-utils-1.0.9-42.el5.ia64.rpm |
RedHat | 5 | x86_64 | nfs-utils | <ย 1.0.9-42.el5 | nfs-utils-1.0.9-42.el5.x86_64.rpm |