Lucene search
UbuntuUSN-687-1HistoryDec 04, 2008 - 12:00 a.m.
nfs-utils vulnerability
2008-12-0400:00:00
ubuntu.com
33
7.9 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.018 Low
EPSS
Percentile
88.1%
Releases
- Ubuntu 8.10
- Ubuntu 8.04
- Ubuntu 7.10
- Ubuntu 6.06
Packages
- nfs-utils -
Details
It was discovered that nfs-utils did not properly enforce netgroup
restrictions when using TCP Wrappers. Remote attackers could bypass the
netgroup restrictions enabled by the administrator and possibly gain
access to sensitive information.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.10 | noarch | nfs-kernel-server | <ย 1:1.1.2-4ubuntu1.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | nfs-common | <ย 1:1.1.2-4ubuntu1.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | nfs-kernel-server | <ย 1:1.1.2-2ubuntu2.2 | UNKNOWN |
| Ubuntu | 8.04 | noarch | nfs-common | <ย 1:1.1.2-2ubuntu2.2 | UNKNOWN |
| Ubuntu | 7.10 | noarch | nfs-kernel-server | <ย 1:1.1.1~git-20070709-3ubuntu1.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | nfs-common | <ย 1:1.1.1~git-20070709-3ubuntu1.1 | UNKNOWN |
| Ubuntu | 6.06 | noarch | nfs-kernel-server | <ย 1:1.0.7-3ubuntu2.1 | UNKNOWN |
| Ubuntu | 6.06 | noarch | nfs-common | <ย 1:1.0.7-3ubuntu2.1 | UNKNOWN |
| Ubuntu | 6.06 | noarch | nhfsstone | <ย 1:1.0.7-3ubuntu2.1 | UNKNOWN |
References
Related
nessus
nessus
SuSE 10 Security Update : nfs-utils (ZYPP Patch Number 5713)
2009-09-24 00:00:00
RHEL 5 : nfs-utils (RHSA-2009:1321)
2009-09-02 00:00:00
Mandriva Linux Security Advisory : nfs-utils (MDVSA-2009:060)
2009-04-23 00:00:00
openvas
openvas
Ubuntu Update for nfs-utils vulnerability USN-687-1
2009-03-23 00:00:00
CentOS Security Advisory CESA-2009:1321 (nfs-utils)
2009-09-21 00:00:00
Gentoo Security Advisory GLSA 200903-06 (nfs-utils)
2009-03-13 00:00:00
oraclelinux
oraclelinux
nfs-utils security and bug fix update
2009-09-08 00:00:00
centos
centos
nfs security update
2009-09-15 18:34:40
seebug
seebug
nfs-utils่ฝฏไปถๅ
hosts_ctl()ๅฝๆฐ็ป่ฟๅฎๅ
จ้ๅถๆผๆด
2008-10-22 00:00:00
securityvulns
securityvulns
nfs protection bypass
2008-11-02 00:00:00
rPSA-2008-0307-1 nfs-client nfs-server nfs-utils
2008-11-02 00:00:00
cve
cve
CVE-2008-4552
2008-10-14 20:00:00
gentoo
gentoo
nfs-utils: Access restriction bypass
2009-03-07 00:00:00
prion
prion
Design/Logic Flaw
2008-10-14 20:00:00
veracode
veracode
Access Restriction Bypass
2020-04-10 00:41:56
ubuntucve
ubuntucve
CVE-2008-4552
2008-10-14 00:00:00
redhat
redhat
(RHSA-2009:1321) Low: nfs-utils security and bug fix update
2009-09-02 03:02:33
debiancve
debiancve
CVE-2008-4552
2008-10-14 20:00:00
vmware
vmware
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
7.9 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.018 Low
EPSS
Percentile
88.1%
Related for USN-687-1