kernel: nfs: fix NFS v4 client handling of MAY_EXEC in nfs_permission

The nfspermission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomicopen is available, does not check execute aka EXEC or MAYEXEC permission bits, which allows local users to bypass permissions and execute files, as demonstrated by file...

kernel: nfs: fix NFS v4 client handling of MAY_EXEC in nfs_permission

The nfspermission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomicopen is available, does not check execute aka EXEC or MAYEXEC permission bits, which allows local users to bypass permissions and execute files, as demonstrated by file...

kernel: nfsd should drop CAP_MKNOD for non-root

nfsd in the Linux kernel before 2.6.28.9 does not drop the CAPMKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the rootsquash option...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

kernel: nfs: fix NFS v4 client handling of MAY_EXEC in nfs_permission

The nfspermission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomicopen is available, does not check execute aka EXEC or MAYEXEC permission bits, which allows local users to bypass permissions and execute files, as demonstrated by file...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

kernel: nfsv4 client can be crashed by stating a long filename

fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service OOPS via a long filename, related to the encodelookup function...

RHEL 4 : kernel (RHSA-2009:1024)

Updated kernel packages are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 4. This is the eighth regular update. These updated packages fix two security issues, hundreds of bugs, and add numerous enhancements. Space precludes a detailed descriptio...

RHEL 5 : kernel (RHSA-2009:0473)

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

kernel security update

CentOS Errata and Security Advisory CESA-2009:0473 Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

[SECURITY] Fedora 9 Update: nfs-utils-1.1.2-9.fc9

The nfs-utils package provides a daemon for the kernel NFS server and related tools, which provides a much higher level of performance than the traditional Linux NFS server used by most users. This package also contains the showmount program. Showmount queries the mount daemon on a remote host fo...

FreeBSD Security Advisory (FreeBSD-SA-06:16.smbfs.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:16.smbfs.asc ADV FreeBSD-SA-06:16.smbfs.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft...

autofs default doesn't set nodev in /net

The default configuration for autofs 5 autofs5 in some Linux distributions, such as Red Hat Enterprise Linux RHEL 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special devic...

autofs default doesn't set nodev in /net

The default configuration for autofs 5 autofs5 in some Linux distributions, such as Red Hat Enterprise Linux RHEL 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special devic...

DEBIAN-CVE-2007-5964

The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux RHEL 5, omits the nosuid option for the hosts /net filesystem map, which allows local users to gain privileges via a setuid program on a remote NFS server...

autofs defaults don't restrict suid in /net

The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux RHEL 5, omits the nosuid option for the hosts /net filesystem map, which allows local users to gain privileges via a setuid program on a remote NFS server...

DEBIAN-CVE-2007-4135

The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...

NFS lockd deadlock

The nlmclntmarkreclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service process crash and deny access to NFS exports via unspecified vectors that trigger a kernel oops null dereference and a deadlock...

Multiple mutt tempfile race conditions

Race condition in the safeopen function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the OEXCL flag on NFS filesystems...