3 matches found
[ MDKSA-2007:240 ] - Updated libnfsidmap packages fix username lookup flaw
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2007:240 http://www.mandriva.com/security/ Package : libnfsidmap Date : December 7, 2007 Affected: 2007.0, Corporate 4.0 Problem Description: The NFSv4 ID mapper prior to 0.17 did not properly handle return value...
CVE-2007-4135
The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...
CVE-2007-4135
CVE-2007-4135 affects the NFSv4 ID mapper (libnfsidmap) prior to 0.17. The root cause is improper handling of return values from getpwnam_r during username lookup, which can cause a file to be reported as owned by root instead of nobody when the file exists on the server but not on the client. Pu...