Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2008-4552

Опубликовано: 14 окт. 2008
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:nfs:nfs-utils:*:*:*:*:*:*:*:*
Версия до 1.1.2 (включая)
cpe:2.3:a:nfs:nfs-utils:0.2:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:0.2.1:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:0.3.3:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.7:pre-1:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.7:pre-2:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.8:rc-1:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.8:rc-2:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.8:rc-3:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.8:rc-4:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.9:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.10:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.11:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.12:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.1.0:rc-1:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 79%
0.01355
Низкий

7.5 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2008-4552

ubuntu
больше 16 лет назад

The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.

redhat логотип

CVE-2008-4552

redhat
почти 17 лет назад

The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.

debian логотип

CVE-2008-4552

debian
больше 16 лет назад

The good_client function in nfs-utils 1.0.9, and possibly other versio ...

github логотип

GHSA-jg64-hjmp-ccvg

github
около 3 лет назад

The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.

oracle-oval логотип

ELSA-2009-1321

oracle-oval
почти 16 лет назад

ELSA-2009-1321: nfs-utils security and bug fix update (LOW)

EPSS

Процентиль: 79%
0.01355
Низкий

7.5 High

CVSS2

Дефекты

CWE-264