45 matches found
EUVD-1999-0019
Malware in sbrugna...
Debian DLA-1965-1 : nfs-utils security update
In the nfs-utils package, providing support files for Network File System NFS including the rpc.statd daemon, the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root...
Debian: Security Advisory (DLA-1965-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1965-1] nfs-utils security update
Package : nfs-utils Version : 1.2.8-9+deb8u1 CVE ID : CVE-2019-3689 Debian Bug : 940848 In the nfs-utils package, providing support files for Network File System NFS including the rpc.statd daemon, the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and manag...
CVE-1999-0493
rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SMMON and SMNOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd...
CVE-1999-0019
Delete or create a file via rpc.statd, due to invalid information...
Debian DLA-108-1 : nfs-utils security update
In the past, rpc.statd posted SMNOTIFY requests using the same socket it used for sending downcalls to the kernel. To receive replies from remote hosts, the socket was bound to INADDRANY. To prevent unwanted data injection, bind this socket to the loopback address. NOTE: Tenable Network Security...
[SECURITY] [DLA 108-1] nfs-utils security update
Package : nfs-utils Version : 1:1.2.2-4squeeze3 CVE ID : CVE-2012-3541 In the past, rpc.statd posted SMNOTIFY requests using the same socket it used for sending downcalls to the kernel. To receive replies from remote hosts, the socket was bound to INADDRANY. To prevent unwanted data injection, bi...
DLA-108-1 nfs-utils - security update
Bulletin has no description...
Solaris <= 2.5.1 automount Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/235/info The automounter daemon automountd answers file system mount and unmount requests from the autofs filesystem via RPC. A vulnerability has been discovered that may allow an unauthorized user to send arbitrary...
Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (2)
No description provided by source. source: http://www.securityfocus.com/bid/1480/info A vulnerability exists in the 'rpc.statd' program, which is part of the 'nfs-utils' package that is shipped with a number of popular Linux distributions. Because of a format-string vulnerability when calling the...
Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (3)
No description provided by source. source: http://www.securityfocus.com/bid/1480/info A vulnerability exists in the 'rpc.statd' program, which is part of the 'nfs-utils' package that is shipped with a number of popular Linux distributions. Because of a format-string vulnerability when calling the...
Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (1)
No description provided by source. source: http://www.securityfocus.com/bid/1480/info A vulnerability exists in the 'rpc.statd' program, which is part of the 'nfs-utils' package that is shipped with a number of popular Linux distributions. Because of a format-string vulnerability when calling the...
Sun Solaris <= 2.5.1 rpc.statd rpc Call Relaying Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/450/info The rpc service rpc.statd, shipped with all major versions of Sun's solaris, is the status monitoring service for NFS file locking. The vulnerability lies in rpc.statd's ability to relay rpc calls to other rpc...
Scientific Linux Security Update : nfs-utils on SL5.x i386/x86_64 (20120221)
The nfs-utils package provides a daemon for the kernel Network File System NFS server, and related tools such as the mount.nfs, umount.nfs, and showmount programs. It was found that the mount.nfs tool did not handle certain errors correctly when updating the mtab mounted file systems table file. ...
Low: Red Hat Security Advisory: nfs-utils security, bug fix, and enhancement update
An updated nfs-utils package that fixes one security issue, various bugs, and adds one enhancement is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which...
Nfs-utils rpc.statd Multiple Remote Format String Vulnerabilities
The remote statd service is prone to multiple remote format string vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...
CentOS 5 : nfs-utils (CESA-2009:1321)
An updated nfs-utils package that fixes a security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The nfs-utils package provides a daemon for the kernel NFS server and related tools. It was discovered that...
Low: Red Hat Security Advisory: nfs-utils security and bug fix update
An updated nfs-utils package that fixes a security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The nfs-utils package provides a daemon for the kernel NFS server and related tools. It was discovered that...
Debian Security Advisory DSA 606-1 (nfs-utils)
The remote host is missing an update to nfs-utils announced via advisory DSA 606-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...