Back to search
CVE-2008-4552
Published: Oct 14, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
32481
third-party-advisory
x_refsource_SECUNIA
32346
third-party-advisory
x_refsource_SECUNIA
http://wiki.rpath.com/Advisories:rPSA-2008-0307
x_refsource_CONFIRM
oval:org.mitre.oval:def:8325
vdb-entry
signature
x_refsource_OVAL
38794
third-party-advisory
x_refsource_SECUNIA
[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates
mailing-list
x_refsource_MLIST
nfsutils-hostctl-security-bypass(45895)
vdb-entry
x_refsource_XF
RHSA-2009:1321
vendor-advisory
x_refsource_REDHAT
[oss-security] 20120719 CVE Request: quota: incorrect use of tcp_wrappers
mailing-list
x_refsource_MLIST
33006
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=458676
x_refsource_CONFIRM
36538
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20120719 Re: CVE Request: quota: incorrect use of tcp_wrappers
mailing-list
x_refsource_MLIST
MDVSA-2009:060
vendor-advisory
x_refsource_MANDRIVA
oval:org.mitre.oval:def:11544
vdb-entry
signature
x_refsource_OVAL
20081030 rPSA-2008-0307-1 nfs-client nfs-server nfs-utils
mailing-list
x_refsource_BUGTRAQ
USN-687-1
vendor-advisory
x_refsource_UBUNTU
38833
third-party-advisory
x_refsource_SECUNIA
31823
vdb-entry
x_refsource_BID
ADV-2010-0528
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now