CVE-2013-1923

rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks...

CVE-2013-1923

rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks...

CVE-2013-1923

CVE-2013-1923 concerns rpc-gssd in nfs-utils before 1.2.8, which performs reverse DNS resolution during GSSAPI authentication. This DNS spoofing could let an attacker read files that should be restricted by spoofing server names. The vulnerability is tied to the nfs-utils RPC GSSD component and i...

CVE-2013-1923

rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks...

Oracle Linux 5 : nfs-utils (ELSA-2008-0486)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2008-0486 advisory. 1.0.9-35z - Added the warning.patch to fix some warning which were flaged by rpmdiff during the errata phasea Errata 2008:0486 1.0.9-34z - Re-enabled tcp...

Oracle Linux 5 : Important: / nfs-utils-lib (ELSA-2007-0951)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0951 advisory. 1.0.8-7.2.z2 - Updated libnfsidmap to -17 to fix a security issue bz 254041 1.0.8-7.2.z1 - Fixed RPC library buffer overflow bz 265061 Tenable has...

Oracle Linux 4 : nfs-utils-lib (ELSA-2007-0913)

From Red Hat Security Advisory 2007:0913 : An updated nfs-utils-lib package to correct a security flaw is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The nfs-utils-lib package contains support...

Oracle Linux 5 : nfs-utils (ELSA-2012-0310)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2012-0310 advisory. - Mount fails to anticipate RLIMITFSIZE bz 697979,CVE-2011-1749 Tenable has extracted the preceding description block directly from the Oracle Linux security...

nfs-utils rpc.gssd privilege escalation

Unsafe PTR DNS record resoulution is used in a security related operation...

[ MDVSA-2013:178 ] nfs-utils

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:178 http://www.mandriva.com/en/support/security/ Package : nfs-utils Date : June 25, 2013 Affected: Business Server 1.0 Problem Description: Updated nfs-utils packages fix security vulnerability It was...

CentOS 4 : nfs-utils (CESA-2009:0955)

An updated nfs-utils package that fixes a security issue and multiple bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The nfs-utils package provides a daemon for the kernel NFS server and...

Mandriva Linux Security Advisory : nfs-utils (MDVSA-2013:178)

Updated nfs-utils packages fix security vulnerability It was reported that rpc.gssd in nfs-utils is vulnerable to DNS spoofing due to it depending on PTR resolution for GSSAPI authentication. Because of this, if a user where able to poison DNS to a victim's computer, they would be able to trick...

MGASA-2013-0178 Updated nfs-utils packages fix security vulnerability

It was reported that rpc.gssd in nfs-utils is vulnerable to DNS spoofing due to it depending on PTR resolution for GSSAPI authentication. Because of this, if a user where able to poison DNS to a victim's computer, they would be able to trick rpc.gssd into talking to another server perhaps with le...

Updated nfs-utils packages fix security vulnerability

It was reported that rpc.gssd in nfs-utils is vulnerable to DNS spoofing due to it depending on PTR resolution for GSSAPI authentication. Because of this, if a user where able to poison DNS to a victim's computer, they would be able to trick rpc.gssd into talking to another server perhaps with le...

Slackware Advisory SSA:2003-195-01b nfs-utils packages replaced

The remote host is missing an update as announced via advisory SSA:2003-195-01b. OpenVAS Vulnerability Test $Id: esoftslkssa200319501b.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware: Security Advisory (SSA:2003-195-01b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mandrake Linux Security Advisory : nfs-utils (MDKSA-2000:021)

A bug recently discovered in the nfs-utils package can theoretically be used for gaining remote root access. While there are currently no known exploits for this bug, we recommend upgrading to the latest version which fixes the bug. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Scientific Linux Security Update : nfs-utils on SL5.x i386/x86_64 (20120221)

The nfs-utils package provides a daemon for the kernel Network File System NFS server, and related tools such as the mount.nfs, umount.nfs, and showmount programs. It was found that the mount.nfs tool did not handle certain errors correctly when updating the mtab mounted file systems table file. ...

Scientific Linux Security Update : nfs-utils-lib on SL4.x i386/x86_64

Tenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by nfs-utils-lib. A remote unauthenticated attacker who can access an application linked against nfs-utils-lib could trigger this flaw and cause the application to crash. On Red Hat Enterprise Linux 4 i...

Scientific Linux Security Update : nfs-utils on SL6.x i386/x86_64

The nfs-utils packages provide a daemon for the kernel Network File System NFS server, and related tools such as the mount.nfs, umount.nfs, and showmount programs. A flaw was found in the way nfs-utils performed IP based authentication of mount requests. In configurations where a directory was...