Описание
The host_reliable_addrinfo function in support/export/hostname.c in nfs-utils before 1.2.4 does not properly use DNS to verify access to NFS exports, which allows remote attackers to mount filesystems by establishing crafted DNS A and PTR records.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:1.2.8-6ubuntu4 |
| esm-infra-legacy/trusty | not-affected | 1:1.2.8-6ubuntu1 |
| hardy | ignored | end of life |
| lucid | not-affected | code not present |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | ignored | end of life |
| precise | not-affected | 1:1.2.5-3ubuntu3.1 |
| quantal | ignored | end of life |
| raring | ignored | end of life |
Показывать по
7.5 High
CVSS2
Связанные уязвимости
The host_reliable_addrinfo function in support/export/hostname.c in nfs-utils before 1.2.4 does not properly use DNS to verify access to NFS exports, which allows remote attackers to mount filesystems by establishing crafted DNS A and PTR records.
The host_reliable_addrinfo function in support/export/hostname.c in nfs-utils before 1.2.4 does not properly use DNS to verify access to NFS exports, which allows remote attackers to mount filesystems by establishing crafted DNS A and PTR records.
The host_reliable_addrinfo function in support/export/hostname.c in nf ...
The host_reliable_addrinfo function in support/export/hostname.c in nfs-utils before 1.2.4 does not properly use DNS to verify access to NFS exports, which allows remote attackers to mount filesystems by establishing crafted DNS A and PTR records.
ELSA-2011-1534: nfs-utils security, bug fix, and enhancement update (LOW)
7.5 High
CVSS2