7.5

CVE-2008-4552

The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NfsNfs-utils Version <= 1.1.2
NfsNfs-utils Version0.2
NfsNfs-utils Version0.2.1
NfsNfs-utils Version0.3.1
NfsNfs-utils Version0.3.3
NfsNfs-utils Version1.0
NfsNfs-utils Version1.0.1
NfsNfs-utils Version1.0.2
NfsNfs-utils Version1.0.3
NfsNfs-utils Version1.0.4
NfsNfs-utils Version1.0.6
NfsNfs-utils Version1.0.7
NfsNfs-utils Version1.0.7 Updatepre-1
NfsNfs-utils Version1.0.7 Updatepre-2
NfsNfs-utils Version1.0.8
NfsNfs-utils Version1.0.8 Updaterc-1
NfsNfs-utils Version1.0.8 Updaterc-2
NfsNfs-utils Version1.0.8 Updaterc-3
NfsNfs-utils Version1.0.8 Updaterc-4
NfsNfs-utils Version1.0.9
NfsNfs-utils Version1.0.10
NfsNfs-utils Version1.0.11
NfsNfs-utils Version1.0.12
NfsNfs-utils Version1.1.0
NfsNfs-utils Version1.1.0 Updaterc-1
NfsNfs-utils Version1.1.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.3% 0.81
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
http://secunia.com/advisories/38794
Vendor Advisory
http://www.vupen.com/english/advisories/2010/0528
Vendor Advisory
http://secunia.com/advisories/32346
Vendor Advisory
http://secunia.com/advisories/32481
Vendor Advisory
http://secunia.com/advisories/33006
Vendor Advisory
http://secunia.com/advisories/36538
http://secunia.com/advisories/38833
Vendor Advisory
http://wiki.rpath.com/Advisories:rPSA-2008-0307
http://www.mandriva.com/security/advisories?name=MDVSA-2009:060
http://www.openwall.com/lists/oss-security/2012/07/19/2
http://www.openwall.com/lists/oss-security/2012/07/19/5
http://www.redhat.com/support/errata/RHSA-2009-1321.html
http://www.securityfocus.com/archive/1/497935/100/0/threaded
http://www.securityfocus.com/bid/31823
Patch
http://www.ubuntu.com/usn/USN-687-1
https://bugzilla.redhat.com/show_bug.cgi?id=458676
https://exchange.xforce.ibmcloud.com/vulnerabilities/45895
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11544
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8325