DEBIAN-CVE-2006-5297

Race condition in the safeopen function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the OEXCL flag on NFS filesystems...

PT-2006-5896 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.16 Description: The issue allows remote attackers to cause a denial of service, resulting in a process crash and denying access to NFS exports. This is achieved through unspecified vectors that trigger a...

security flaw

Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service file system panic via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle inode number, which triggers an error and causes an exported directory to be remounted...

security flaw

nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAYSATTR privilege before setting access controls ACL on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems...

NFS client panic using O_DIRECT

The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service NFS client panic via unknown attack vectors related to the use of ODIRECT direct I/O...

PT-2006-2847 · Linux · Linux

Name of the Vulnerable Software and Affected Versions: Linux versions prior to 2.6.17 Description: A directory traversal issue in the CIFS implementation allows local users to bypass chroot restrictions on an SMB-mounted filesystem by utilizing ".." sequences. Recommendations: For Linux versions...

security flaw

Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service crash via a long symlink, which is not properly handled in 1 nfs2xdr.c or 2 nfs3xdr.c and causes a crash in the NFS client...

PT-2005-4386 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel version 2.6.14.4 Description: The issue concerns a lack of privilege checking in the Linux kernel, specifically in the nfs2acl.c file. This omission allows remote attackers to bypass access controls ACLs on files located on...

security flaw

rquotad in nfs-utils rquotaserver.c before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request...

Hydra: PC-NFS

This plugin runs Hydra to find PC-NFS accounts and passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...

security flaw

rpc.mountd in nfs-utils after 1.0.3 and before 1.0.6 allows attackers to cause a denial of service crash via an NFS mount of a directory from a client whose reverse DNS lookup name is different from the forward lookup name...

CVE-2002-0830

Network File System NFS in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service hang via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an...

DEBIAN-CVE-2002-0380

Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet...

Security Bulletin MS01-039

---------------------------------------------------------------------- Title: Services for Unix 2.0 Telnet and NFS Services Contain Memory Leaks Date: 23 July 2001 Software: Services for Unix 2.0 Impact: Denial of service Bulletin: MS01-039 Microsoft encourages customers to review the Security...

CVE-1999-0554

CVE-1999-0554 concerns NFS exports that may disclose system-critical data to the world. The provided documents consistently describe exposure via NFS shares that can be mounted and read by an attacker, potentially reading (and in some sources possibly writing) sensitive files on the remote host. ...

CVE-1999-0631

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration CCE. Notes: the former description i...

PT-1999-1185 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A superfluous NFS server is running without importing or exporting any file systems. Recommendations: At the moment, there is no information about a newer version that contains a fi...

PT-1999-1187 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The NFS exports system-critical data to the world, including sensitive directories like the root directory / or a password file. Recommendations: At the moment, there is no information...

PT-1998-1105 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The issue allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system. Recommendations: At the moment, there is no...

PT-1997-1073 · Nfs · Nfs

Name of the Vulnerable Software and Affected Versions: NFS affected versions not specified Description: The issue allows attackers to read and write any file on the system by specifying a false UID. Recommendations: At the moment, there is no information about a newer version that contains a fix...