31 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Fixed iasize underflow iaattr::iasize is a lofft, which is a signed 64-bit type. NFSv3 and NFSv4 both define file size as an unsigned 64-bit type. Therefore, there is a range of valid file size values that an NFS client...
EUVD-2017-5890
Malware in sbrugna...
CVE-2022-50410
CVE-2022-50410 is a Linux kernel vulnerability in NFSD/NFSv2 READ where a large RPC Call can cause the send buffer to shrink, enabling a client to trigger a buffer overflow on TCP. The entry notes a local-attack potential with high impact (CVSS v3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, base scor...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Linux Distros Unpatched Vulnerability : CVE-2022-43945
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD...
Do Not Enable the NFS Service
The Network File System NFS is one of the earliest and most widely used file systems in UNIX environments. It allows a system to mount file systems of other servers over the network. If the system does not share content through NFS, you are advised to disable NFS to reduce the remote attack...
PT-2024-18455 · Unknown · Vertaai/Modeldb
Name of the Vulnerable Software and Affected Versions: vertaai/modeldb affected versions not specified Description: The issue is related to a path traversal attack due to improper sanitization of user-supplied file paths in the file upload functionality. Attackers can exploit this by manipulating...
Virtuozzo Hybrid Infrastructure 6.0 (6.0.0-243)
In this release, Virtuozzo Hybrid Infrastructure provides an upgrade of the Linux distribution, kernel, and toolset packages. This release also contains a range of new features that cover storage performance, object storage, as well as monitoring and alerts. Additionally, this release delivers...
AZL-11379 CVE-2022-43945 affecting package kernel for versions less than 5.15.82.1-1
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call RPC into a single array of pages. A client can force the send...
Datastore Named 'VeeamBackup_' Listed as Inaccessible
Challenge A Datastore with the name 'VeeamBackup' is found within the vSphere environment and is marked inaccessible. The will be the hostname, FQDN, or IP of a server assigned as the Mount Server for a Repository in Veeam Backup & Replication. Cause The datastore appears "inaccessible" because t...
PT-2021-3813 · Microsoft · Windows Services For Nfs +1
Name of the Vulnerable Software and Affected Versions: Windows Services for NFS affected versions not specified Description: The issue is related to insufficient access restrictions in the ONCRPC XDR Driver of Windows Services for NFS, allowing a remote attacker to gain unauthorized access to...
PT-2024-11315 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 20798dfe249a Description: A NULL dereference vulnerability has been resolved in the Linux kernel. The issue occurs in the nfsd component, specifically in the nfs3svc encode getaclres function, where the dentry m...
Product release: Virtuozzo Infrastructure Platform 3.5 Update 1 (3.5.1-43)
This update provides a new feature as well as fixes and improvements. Vulnerability id: VSTOR-30003 Unable to release node from cluster: 'Unable to send message to any node in ABGW cluster'. Vulnerability id: VSTOR-30135 No read/write data on dashboards if multipath is configured. Vulnerability i...
Design/Logic Flaw
The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings including the NFS export security flavor for authentication that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly...
CVE-2017-14387
The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings including the NFS export security flavor for authentication that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly...
CVE-2017-14387
The CVE-2017-14387 issue concerns EMC Isilon OneFS NFS exports. The affected products are OneFS versions 8.1.0.0, 8.0.1.0–8.0.1.1, and 8.0.0.0–8.0.0.4. The flaw is that changes to the default NFS export security flavor are not consistently propagated to all new and existing NFS exports configured...
CVE-2017-14387
The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings including the NFS export security flavor for authentication that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly...
BOHEMIA INTERACTIVE a.s.: 217.147.95.145 NFS Exposed with Zeus Server configs
NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report! Description:...
Oracle Linux 5 : kernel (ELSA-2009-1455)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2009-1455 advisory. - Revert: net atalk/irda: memory leak to user in getname Danny Feng 519309 519310 CVE-2009-3001 CVE-2009-3002 - net atalk/irda: memory leak to user in getname...
Unable to Mount VPower NFS Specified Key Name or Identifier Already Exists
Challenge During a Veeam vPower NFS-based operation SureBackup, Instant Recovery, Instant Disk Recovery, or Other-OS FLR, the following errors may occur: Unable to mount vPower NFS volume :/VeeamBackup. Fault "AlreadyExistsFault", Error The specified key, name, or identifier already exists. Unabl...