Vulnerabilities of the Red Hat Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the nfs-utils-0.3.1 package of the Red Hat Linux operating system can be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Novell Netware XNFS caller_name xdrDecodeString Remote Code Execution

No description provided by source. Application: Novell Netware XNFS callername xdrDecodeString Remote Code Execution Vulnerability Platforms: Novell Netware 6.5 SP8 Exploitation: Remote code execution CVE Number: Novell TID: 5117430 ZDI: ZDI-12-11 PRL: 2012-03 Author: Francis Provencher Protek...

Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (1)

No description provided by source. source: http://www.securityfocus.com/bid/1480/info A vulnerability exists in the 'rpc.statd' program, which is part of the 'nfs-utils' package that is shipped with a number of popular Linux distributions. Because of a format-string vulnerability when calling the...

Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (2)

No description provided by source. source: http://www.securityfocus.com/bid/1480/info A vulnerability exists in the 'rpc.statd' program, which is part of the 'nfs-utils' package that is shipped with a number of popular Linux distributions. Because of a format-string vulnerability when calling the...

Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (3)

No description provided by source. source: http://www.securityfocus.com/bid/1480/info A vulnerability exists in the 'rpc.statd' program, which is part of the 'nfs-utils' package that is shipped with a number of popular Linux distributions. Because of a format-string vulnerability when calling the...

wireshark: NFS dissector crash (wnpa-sec-2014-01)

The nfsnamesnoopaddname function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service memory corruption and application crash via a crafte...

kernel: nfs: data leak during extended writes

The nfscanextendwrite function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel memory in opportunistic circumstances by...

DEBIAN-CVE-2014-2281

The nfsnamesnoopaddname function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service memory corruption and application crash via a crafte...

DEBIAN-CVE-2014-2038

The nfscanextendwrite function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel memory in opportunistic circumstances by...

UBUNTU-CVE-2014-2038

The nfscanextendwrite function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel memory in opportunistic circumstances by...

PT-2014-4443 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.13.3 Description: The issue allows local users to obtain sensitive information from kernel memory under certain circumstances. This is due to the nfs can extend write function relying on a write delegation to...

kernel: nfs: missing check for buffer length in __nfs4_get_acl_uncached

Buffer overflow in the nfs4getacluncached function in fs/nfs/nfs4proc.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service memory corruption and system crash or possibly have unspecified other impact via a getxattr system call for the system.nfs4acl extended attribut...

Oracle Linux 4 : kernel (ELSA-2009-1132)

From Red Hat Security Advisory 2009:1132 : Updated kernel packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain...

DEBIAN-CVE-2013-2481

Integer signedness error in the dissectmountdirpathcall function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfsfilenamesnooping is enabled, allows remote attackers to cause a denial of service application crash via a...

kernel: incomplete fix for CVE-2011-4131

The nfs4getacluncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service OOPS by sending an excessive number of bitmap words in an...

kernel: nfs4_getfacl decoding kernel oops

The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service OOPS by sending an excessive number of bitmap words...

Scientific Linux Security Update : nfs-utils on SL5.x i386/x86_64 (20120221)

The nfs-utils package provides a daemon for the kernel Network File System NFS server, and related tools such as the mount.nfs, umount.nfs, and showmount programs. It was found that the mount.nfs tool did not handle certain errors correctly when updating the mtab mounted file systems table file. ...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

This update fixes the following security issues : - multiple flaws were found in the mmap and mremap implementations. A local user could use these flaws to cause a local denial of service or escalate their privileges. CVE-2010-0291, Important - a NULL pointer dereference flaw was found in the Fas...

UBUNTU-CVE-2012-4049

epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service loop and CPU consumption via a crafted packet...

kernel security and bug fix update

2.6.32-279.1.1.el6 - kernel Prevent keyctl newsession from causing a panic David Howells 833433 827424 CVE-2012-2745 - net ipv6/netfilter: fix null pointer dereference in nfctfrag6reasm Petr Matousek 833410 833412 CVE-2012-2744 - fs nfs: Map minor mismatch error to protocol not support error Stev...