19 matches found
MiracleLinux 3 : nfs-utils-1.0.9-42.1AXS3 (AXSA:2009-391:02)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-391:02 advisory. The nfs-utils package provides a daemon for the kernel NFS server and related tools, which provides a much higher level of performance than the traditional...
Oracle Linux 5 : nfs-utils (ELSA-2009-1321)
The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2009-1321 advisory. 1.0.9-42 - mountd: Check host alias with netgroups bz 478952 - exportfs: fixed typo in man page bz 474848 - nfs.init: NFS server reboot results in 'Stale NFS fi...
Scientific Linux Security Update : nfs-utils on SL5.x i386/x86_64
It was discovered that nfs-utils did not use tcpwrappers correctly. Certain hosts access rules defined in '/etc/hosts.allow' and '/etc/hosts.deny' may not have been honored, possibly allowing remote attackers to bypass intended access restrictions. CVE-2008-4552 This updated package also fixes th...
CentOS 5 : nfs-utils (CESA-2009:1321)
An updated nfs-utils package that fixes a security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The nfs-utils package provides a daemon for the kernel NFS server and related tools. It was discovered that...
SLES10: Security update for nfs-utils
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: nfs-utils More details may also be found by searching for the SuSE Enterprise Server 10 patch database linked in the references. SPDX-FileCopyrightText: 2009...
SLES10: Security update for nfs-utils
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: nfs-utils More details may also be found by searching for the SuSE Enterprise Server 10 patch database located at http://download.novell.com/patch/finder/ VI...
SLES9: Security update for nfs-utils
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: nfs-utils For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5040680 within the...
SLES9: Security update for nfs-utils
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: nfs-utils For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5040680 within the...
SuSE9 Security Update : nfs-utils (YOU Patch Number 12274)
This update of nfs-utils fixes the handling of the tcp wrapper ACLs. CVE-2008-4552 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid41250; scriptversion"1.8";...
SuSE 10 Security Update : nfs-utils (ZYPP Patch Number 5713)
This update of nfs-utils fixes the handling of the tcp wrapper ACLs. CVE-2008-4552 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid41564; scriptversion"1.11";...
RedHat Security Advisory RHSA-2009:1321
The remote host is missing updates to nfs-utils announced in advisory RHSA-2009:1321. It was discovered that nfs-utils did not use tcpwrappers correctly. Certain hosts access rules defined in /etc/hosts.allow and /etc/hosts.deny may not have been honored, possibly allowing remote attackers to...
Mandriva Linux Security Advisory : nfs-utils (MDVSA-2009:060)
A security vulnerability has been identified and fixed in nfs-utils, which caused TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions CVE-2008-4552. The updated packages have been patched to prevent this. %NASLMINLEVEL 70300 C Tenable Network...
Mandrake Security Advisory MDVSA-2009:060-1 (nfs-utils)
The remote host is missing an update to nfs-utils announced via advisory MDVSA-2009:060-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Gentoo Security Advisory GLSA 200903-06 (nfs-utils)
The remote host is missing updates announced in advisory GLSA 200903-06. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 10.3)
The remote host is missing updates announced in advisory SUSE-SR:2009:001. SuSE Security Summaries are short on detail when it comes to the names of packages affected by a particular bug. Because of this, while this test will detect out of date packages, it cannot tell you what bugs impact which...
rPSA-2008-0307-1 nfs-client nfs-server nfs-utils
rPath Security Advisory: 2008-0307-1 Published: 2008-10-30 Products: rPath Appliance Platform Linux Service 1 rPath Appliance Platform Linux Service 2 rPath Linux 1 rPath Linux 2 Rating: Minor Exposure Level Classification: Remote Vulnerability Updated Versions:...
nfs-utils软件包hosts_ctl()函数绕过安全限制漏洞
BUGTRAQ ID: 31823 CVECAN ID: CVE-2008-4552 nfs-utils软件包可提供内核NFS服务器和相关工具的守护程序。 nfs-utils软件包的TCP封装程序实现用错误的参数序列调用了hostsctl函数,远程攻击者可以绕过对NFS netgroup所实施的访问控制规则,获得对受限服务的访问。 sourceforge nfs-utils 1.0.9 sourceforge ----------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://freshmeat.net/projects/nfs-utils/...
CVE-2008-4552
The goodclient function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hostsctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions...
CVE-2008-4552
CVE-2008-4552 affects nfs-utils 1.0.9 and possibly earlier versions before 1.1.3. The good_client function calls hosts_ctl with arguments in the wrong order, causing TCP Wrappers to ignore netgroups and allow remote attackers to bypass access restrictions. This is a network-exposed issue (TCP wra...