Linux Distros Unpatched Vulnerability : CVE-2012-3417

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The goodclient function in rquotad rquotasvc.c in Linux DiskQuota aka quota before 3.17 invokes the hostsctl function the first time without a host name, which...

RHEL 4 : quota (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - quota: incorrect use of tcpwrappers CVE-2012-3417 Note that Nessus has not tested for this issue but has instead...

SUSE: Security Advisory (SUSE-SU-2012:1071-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2012:1071-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2013-0120)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : quota (openSUSE-SU-2012:1058-1)

quota was fixed to handle tcp wrappers in rquotad correctly. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-529. The text description of this plugin is C SUSE LLC...

Oracle Linux 5 : quota (ELSA-2013-0120)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2013-0120 advisory. - Fix CVE-2012-3417 incorrect use of tcpwrappers Resolves: 841448 Tenable has extracted the preceding description block directly from the Oracle Linux security...

SuSE 11.2 Security Update : quota (SAT Patch Number 6724)

The quota package was updated to fix an issue with tcpwrappers, where hosts.allow/deny files would have not been correctly honored. CVE-2012-3417 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...

CentOS Update for quota CESA-2013:0120 centos5

Check for the Version of quota OpenVAS Vulnerability Test CentOS Update for quota CESA-2013:0120 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CentOS Update for quota CESA-2013:0120 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Scientific Linux Security Update : quota on SL5.x i386/x86_64 (20130108)

It was discovered that the rpc.rquotad service did not use tcpwrappers correctly. Certain hosts access rules defined in '/etc/hosts.allow' and '/etc/hosts.deny' may not have been honored, possibly allowing remote attackers to bypass intended access restrictions. CVE-2012-3417 This update also fix...

quota security and bug fix update

1:3.13-8.0.1 - Add ocfs2 support Orabug: 14208111 1:3.13-8 - Fix CVE-2012-3417 incorrect use of tcpwrappers Resolves: 841448 1:3.13-7 - Fix parsing numeric arguments of setquota Resolves: 831520 1:3.13-6 - Do not use real domains in warnquota example Resolves: 680429 - Use /proc/mounts for...

RedHat Update for quota RHSA-2013:0120-01

Check for the Version of quota OpenVAS Vulnerability Test RedHat Update for quota RHSA-2013:0120-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

RedHat Update for quota RHSA-2013:0120-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RHEL 5 : quota (RHSA-2013:0120)

An updated quota package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

SuSE 10 Security Update : quota (ZYPP Patch Number 8255)

The quota package was updated to fix an issue with tcpwrappers, where hosts.allow/deny files would have not been correctly honored. CVE-2012-3417 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

CVE-2012-3417

The CVE concerns the quota subsystem (Linux DiskQuota) prior to 3.17. The good_client function in rquotad (rquota_svc.c) can call hosts_ctl the first time without a host name, potentially bypassing TCP Wrappers rules in hosts.deny. Several connected advisories confirm affected packages and indica...