Lucene search
RootSSV:4270HistoryOct 22, 2008 - 12:00 a.m.
nfs-utils软件包hosts_ctl()函数绕过安全限制漏洞
2008-10-2200:00:00
Root
www.seebug.org
13
0.018 Low
EPSS
Percentile
86.8%
BUGTRAQ ID: 31823
CVE(CAN) ID: CVE-2008-4552
nfs-utils软件包可提供内核NFS服务器和相关工具的守护程序。
nfs-utils软件包的TCP封装程序实现用错误的参数序列调用了hosts_ctl()函数,远程攻击者可以绕过对NFS netgroup所实施的访问控制规则,获得对受限服务的访问。
sourceforge nfs-utils 1.0.9
sourceforge
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“http://freshmeat.net/projects/nfs-utils/” target=“_blank”>http://freshmeat.net/projects/nfs-utils/</a>
Related
nessus
nessus
SuSE 10 Security Update : nfs-utils (ZYPP Patch Number 5713)
2009-09-24 00:00:00
SuSE9 Security Update : nfs-utils (YOU Patch Number 12274)
2009-09-24 00:00:00
RHEL 5 : nfs-utils (RHSA-2009:1321)
2009-09-02 00:00:00
openvas
openvas
Ubuntu Update for nfs-utils vulnerability USN-687-1
2009-03-23 00:00:00
CentOS Security Advisory CESA-2009:1321 (nfs-utils)
2009-09-21 00:00:00
Gentoo Security Advisory GLSA 200903-06 (nfs-utils)
2009-03-13 00:00:00
oraclelinux
oraclelinux
nfs-utils security and bug fix update
2009-09-08 00:00:00
centos
centos
nfs security update
2009-09-15 18:34:40
securityvulns
securityvulns
nfs protection bypass
2008-11-02 00:00:00
rPSA-2008-0307-1 nfs-client nfs-server nfs-utils
2008-11-02 00:00:00
gentoo
gentoo
nfs-utils: Access restriction bypass
2009-03-07 00:00:00
redhat
redhat
(RHSA-2009:1321) Low: nfs-utils security and bug fix update
2009-09-02 03:02:33
veracode
veracode
Access Restriction Bypass
2020-04-10 00:41:56
prion
prion
Design/Logic Flaw
2008-10-14 20:00:00
ubuntucve
ubuntucve
CVE-2008-4552
2008-10-14 00:00:00
ubuntu
ubuntu
nfs-utils vulnerability
2008-12-04 00:00:00
debiancve
debiancve
CVE-2008-4552
2008-10-14 20:00:00
cve
cve
CVE-2008-4552
2008-10-14 20:00:00
vmware
vmware
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESX Service Console and vMA third party updates
2010-03-03 00:00:00