Gentoo Security Advisory GLSA 200903-06 (nfs-utils)

The remote host is missing updates announced in advisory GLSA 200903-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200903-06 (nfs-utils)

The remote host is missing updates announced in advisory GLSA 200903-06. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

nfs-utils: Access restriction bypass

Background nfs-utils contains the client and daemon implementations for the NFS protocol. Description Michele Marcionelli reported that nfs-utils invokes the hostsctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups. Impact A remote attacker could bypass...

CVE-2008-4552

The goodclient function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hostsctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions...

Design/Logic Flaw

The goodclient function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hostsctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions...

CVE-2008-4552

The goodclient function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hostsctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions...

CVE-2008-4552

The goodclient function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hostsctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions...

HP-UX su vulnerability

Security vulnerability presents if LDAP netgroups are used...

CVE-2002-0765

sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password...

CVE-2002-0765

Technical details for CVE-2002-0765 are not present in the provided connected documents; the initial description notes a login issue in OpenSSH 3.2.2 with YP/netgroups, but no public details are supplied in connected documents.

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password. Remediation There is no fixed version for...

DEBIAN-CVE-2002-0765

sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password...

CVE-2002-0765

sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password...

PT-2002-1786 · Openssh +1 · Openssh +1

Name of the Vulnerable Software and Affected Versions: OpenSSH version 3.2.2 Description: The issue allows users to successfully authenticate and log in with another user's password under certain conditions when using YP with netgroups. Recommendations: For OpenSSH version 3.2.2, update to a newe...

CVE-2002-0557

Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes 1 rexec or 2 rsh to run another user's shell, or 3 atrun to change to a different user's directory, possibly due to memory allocation failures or an incorrect call to authapproval...

CVE-2002-0557

Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes 1 rexec or 2 rsh to run another user's shell, or 3 atrun to change to a different user's directory, possibly due to memory allocation failures or an incorrect call to authapproval...

CVE-2002-0557

OpenBSD 3.0 vulnerability when using NIS/YP with netgroups in the password database can allow rexec or rsh to run another user’s shell, or atrun to switch to a different user’s directory, possibly due to memory allocation failures or an incorrect call to auth_approval(). No remediation details ar...