7.5
CVE-2008-4552
- EPSS 2.3%
- Veröffentlicht 14.10.2008 20:00:01
- Zuletzt bearbeitet 16.06.2026 22:58:03
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.3% | 0.81 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
http://secunia.com/advisories/38794
http://www.vupen.com/english/advisories/2010/0528
http://secunia.com/advisories/32346
http://secunia.com/advisories/32481
http://secunia.com/advisories/33006
http://secunia.com/advisories/36538
http://secunia.com/advisories/38833
http://wiki.rpath.com/Advisories:rPSA-2008-0307
http://www.mandriva.com/security/advisories?name=MDVSA-2009:060
http://www.openwall.com/lists/oss-security/2012/07/19/2
http://www.openwall.com/lists/oss-security/2012/07/19/5
http://www.redhat.com/support/errata/RHSA-2009-1321.html
http://www.securityfocus.com/archive/1/497935/100/0/threaded
http://www.securityfocus.com/bid/31823
http://www.ubuntu.com/usn/USN-687-1
https://bugzilla.redhat.com/show_bug.cgi?id=458676
https://exchange.xforce.ibmcloud.com/vulnerabilities/45895
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11544
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8325