oss-sec mailing list archives
Re: CVE Request (nfs-utils)
From: "Steven M. Christey" <coley () linus mitre org>
Date: Tue, 14 Oct 2008 14:47:51 -0400 (EDT)
====================================================== Name: CVE-2008-4552 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552 Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=458676 nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the host_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.
Current thread:
- CVE Request (nfs-utils) Josh Bressers (Oct 13)
- Re: CVE Request (nfs-utils) Steven M. Christey (Oct 14)