Lucene search
K
Linux-nfsNfs-utils

6 matches found

cve
cve
added 2019/09/19 1:27 p.m.376 views

CVE-2019-3689

The CVE-2019-3689 issue affects the nfs-utils package on SUSE Linux Enterprise Server 12 (≤1.3.0-34.18.1) and SLES 15 (≤2.1.1-6.10.2). The directory /var/lib/nfs is owned by statd:nogroup, while files inside are root-owned. If statd is compromised, a process with root privileges could be tricked ...

10CVSS7.2AI score0.01518EPSS
cve
cve
added 2003/07/15 4:0 a.m.197 views

CVE-2003-0252

CVE-2003-0252 describes an off-by-one overflow in the xlog() function used by mountd in the Linux nfs-utils package (pre-1.0.4). Exploitation could allow remote attackers to cause a denial of service and potentially execute arbitrary code via certain RPC requests to mountd that do not contain new...

10CVSS9.5AI score0.15784EPSS
cve
cve
added 2014/02/26 3:0 p.m.81 views

CVE-2011-1749

The CVE-2011-1749 entry concerns nfs-utils before 1.2.4, where the nfs_addmntent function in support/nfs/nfs_mntent.c can append to /etc/mtab without considering resource limits, enabling local users to corrupt the file with a small RLIMIT_FSIZE value (tied to CVE-2011-1089). Several connected ad...

3.3CVSS7.4AI score0.00359EPSS
cve
cve
added 2014/02/15 11:0 a.m.78 views

CVE-2011-2500

Summary: CVE-2011-2500 affects nfs-utils prior to 1.2.4, where host_reliable_addrinfo in support/export/hostname.c fails to properly verify NFS export access via DNS, enabling remote mounts via crafted DNS A/PTR records. Affected components: nfs-utils (before 1.2.4). Root cause: DNS-based access ...

7.5CVSS6.4AI score0.02543EPSS
cve
cve
added 2014/01/21 6:0 p.m.64 views

CVE-2013-1923

CVE-2013-1923 concerns rpc-gssd in nfs-utils before 1.2.8, which performs reverse DNS resolution during GSSAPI authentication. This DNS spoofing could let an attacker read files that should be restricted by spoofing server names. The vulnerability is tied to the nfs-utils RPC GSSD component and i...

3.2CVSS6.3AI score0.01045EPSS
cve
cve
added 2026/03/04 3:25 p.m.40 views

CVE-2025-12801

The CVE-2025-12801 issue affects the rpc.mountd daemon in the linux nfs-utils package. Affected component: rpc.mountd (NFSv3 context) in nfs-utils. Root cause/impact: a NFSv3 client can escalate privileges granted to it in the /etc/exports at mount time, enabling access to any subdirectory or sub...

6.5CVSS5.9AI score0.00462EPSS