Mandrake Linux Security Advisory : nfs-utils (MDKSA-2003:076)

An off-by-one buffer overflow was found in the logging code in nfs-utils when adding a newline to the string being logged. This could allow an attacker to execute arbitrary code or cause a DoS Denial of Service on the server by sending certain RPC requests. %NASLMINLEVEL 70300 C Tenable Network...

SUSE-SA:2003:031: nfs-utils

The remote host is missing the patch for the advisory SUSE-SA:2003:031 nfs-utils. The nfs-utils package contains various programs to offer and manage certain RPC services such as the rpc.mountd. iSEC Security Research has reported an off-by-one bug in the xlog function used by the rpc.mountd. It ...

RHEL 3 : nfs-utils (RHSA-2004:072)

Updated nfs-utils packages that fix a flaw leading to possible rpc.mountd crashes are now available. The nfs-utils package contains the rpc.mountd program, which implements the NFS mount protocol. A flaw was discovered in versions of rpc.mountd in nfs-utils versions after 1.0.3 and prior to 1.0.6...

RHEL 2.1 : shadow-utils (RHSA-2003:058)

Updated shadow-utils packages are now available. These updated packages correct a bug that caused the useradd tool to create mail spools with incorrect permissions. The shadow-utils package includes programs for converting UNIX password files to the shadow password format, plus programs for...

RHEL 2.1 : nfs-utils (RHSA-2003:207)

Updated nfs-utils packages are available that fix a remotely exploitable Denial of Service vulnerability. The nfs-utils package provides a daemon for the kernel NFS server and related tools. Janusz Niewiadomski found a buffer overflow bug in nfs-utils version 1.0.3 and earlier. This bug could be...

CVE-2004-0154

CVE-2004-0154 affects nfs-utils rpc.mountd versions after 1.0.3 and before 1.0.6. The issue allows a denial of service (crash) when performing an NFS mount from a client whose reverse DNS lookup name does not match the forward lookup. Documented in multiple sources (Red Hat RHSA-2004:072, SUSE CV...

[OpenCA Advisory] Vulnerabilities in signature verification

OpenCA Security Advisory 28 November 2003 Vulnerabilities in signature validation ======================================= Multiple flaws in OpenCA before version 0.9.1.4 could cause OpenCA to use an incorrect certificate in the chain to determine the serial being checked which could lead to...

CVE-2003-0252

Off-by-one error in the xlog function of mountd in the Linux NFS utils package nfs-utils before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines...

Linux NFS utils package (nfs-utils) mountd xlog Function Off-by-one Remote Overflow

The remote rpc.mountd daemon is vulnerable to an off-by-one overflow which could be exploited by an attacker to gain a root shell on this host. C Tenable Network Security, Inc. This check is destructive by its very nature, as we need to check for a off-by-one overflow. Very few distributions are...

nfs-utils packages replaced

New nfs-utils packages are available for Slackware 8.1, 9.0, and -current to replace the ones that were issued yesterday. A bug in has been fixed in utils/mountd/auth.c that could cause mountd to crash. Here are the details from the Slackware 9.0 ChangeLog: Tue Jul 15 10:42:58 PDT 2003...

CVE-2003-0252

Off-by-one error in the xlog function of mountd in the Linux NFS utils package nfs-utils before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines...

CVE-2003-0252

CVE-2003-0252 describes an off-by-one overflow in the xlog() function used by mountd in the Linux nfs-utils package (pre-1.0.4). Exploitation could allow remote attackers to cause a denial of service and potentially execute arbitrary code via certain RPC requests to mountd that do not contain new...

CVE-2003-0252

Off-by-one error in the xlog function of mountd in the Linux NFS utils package nfs-utils before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines...

nfs-utils buffer overflow

Malformed RPC request causes off-by-one overflow...

Linux nfs-utils xlog() off-by-one bug

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Synopsis: Linux nfs-utils xlog off-by-one bug Product: nfs-utils Version: = 1.0.3 Vendor: http://sourceforge.net/projects/nfs/ URL: http://isec.pl/vulnerabilities/ CVE: CAN-2003-0252 Author: Janusz Niewiadomski [email protected] Date: July 14, 2003 Issu...

[SECURITY] [DSA-349-1] New nfs-utils package fixes buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 349-1 [email protected] http://www.debian.org/security/ Matt Zimmerman July 14th, 2003 http://www.debian.org/security/faq -...

nfs-utils off-by-one overflow fixed

New nfs-utils packages are available for Slackware 8.1, 9.0, and -current to fix an off-by-one buffer overflow in xlog.c. Thanks to Janusz Niewiadomski for discovering and reporting this problem. The CVE Common Vulnerabilities and Exposures Project has assigned the identification number...

Important: Red Hat Security Advisory: : : : Updated nfs-utils packages fix denial of service vulnerability

Updated nfs-utils packages are available that fix a remotely exploitable Denial of Service vulnerability. Updated 30 July 2003 Added packages for Red Hat Linux on IBM iSeries and pSeries systems. The nfs-utils package provides a daemon for the kernel NFS server and related tools. Janusz...

Important: Red Hat Security Advisory: nfs-utils security update

Updated nfs-utils packages are available that fix a remotely exploitable Denial of Service vulnerability. The nfs-utils package provides a daemon for the kernel NFS server and related tools. Janusz Niewiadomski found a buffer overflow bug in nfs-utils version 1.0.3 and earlier. This bug could be...

DSA-349 nfs-utils - buffer overflow

Bulletin has no description...