EUVD-2013-1917

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2013-1923

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read...

SUSE SLED10 / SLES10 Security Update : nfs-utils (SUSE-SU-2013:0822-1)

This update fixes a DNS spoofing problem with NFS rpc-gssd. CVE-2013-1923bnc813464 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Oracle Solaris Critical Patch Update : apr2012_SRU4

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: gssd1M. Supported versions that are affected are 8, 9, 10 and 11. Very difficult to exploit vulnerability requiring logon to...

openSUSE Security Update : nfs-utils (openSUSE-SU-2013:1016-1)

This update of nfs-utils includes several bug and security fixes. - gssd-reverse-dns-fix: Allow DNS lookups to be avoided when determining kerberos identity of server. The GSSDOPTIONS sysconfig variable is added so that use of DNS can be enforced for sites that need it. bnc813464 CVE-2013-1923 -...

CVE-2013-1923

rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks...

UBUNTU-CVE-2013-1923

rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks...

CVE-2013-1923

rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks...

CVE-2013-1923

rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks...

CVE-2013-1923

CVE-2013-1923 concerns rpc-gssd in nfs-utils before 1.2.8, which performs reverse DNS resolution during GSSAPI authentication. This DNS spoofing could let an attacker read files that should be restricted by spoofing server names. The vulnerability is tied to the nfs-utils RPC GSSD component and i...

CVE-2013-1923

rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks...

SuSE 10 Security Update : nfs-utils (ZYPP Patch Number 8569)

This update fixes a DNS spoofing problem with NFS rpc-gssd. CVE-2013-1923bnc813464 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid66553; scriptversion"1.6";...

CVE-2012-1683

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to gssd...

Design/Logic Flaw

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to gssd...

CVE-2012-1683

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to gssd...

CVE-2012-1683

Summary (CVE-2012-1683): Affected software: Oracle Solaris 8, 9, 10, 11. Vulnerable component: gssd(1M) in the Solaris userland; root cause details are not publicly provided in the materials. Impact: local users can affect confidentiality, integrity, and availability; escalation to complete OS ta...

Solaris 10 (x86) : 143562-09

SunOS 5.10x86: gssd mechkrb5.so.1 kadmin. Date this patch was last updated by Sun : Mar/30/11 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/12. C Tenable Network Security, Inc. if !...

Solaris 10 (sparc) : 143561-09

SunOS 5.10: gssd mechkrb5.so.1 kadmind pa. Date this patch was last updated by Sun : Mar/30/11 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/12. C Tenable Network Security, Inc. if !...

CVE-2009-3516

gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly handle the NFSv4 Kerberos credential cache, which allows local users to bypass intended access restrictions for Kerberized NFSv4 shares via unspecified vectors...

CVE-2009-3516

CVE-2009-3516 affects IBM AIX: gssd in AIX 5.3.x (up to 5.3.9) and 6.1.x (up to 6.1.2) does not properly handle the NFSv4 Kerberos credential cache, enabling local users to bypass access restrictions on Kerberized NFSv4 shares via unspecified vectors. Impact per CVSS v2 is High (local, no auth, f...