CVE-2013-1923

Published: Jan 21, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

58854

vdb-entry

x_refsource_BID

[linux-nfs] 20130403 Re: [PATCH] Avoid PTR lookups when possible

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=948072

x_refsource_CONFIRM

openSUSE-SU-2013:1048

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2013:1012

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2013:1016

vendor-advisory

x_refsource_SUSE

nfsutils-cve20131923-spoofing(85331)

vdb-entry

x_refsource_XF

[linux-nfs] 20130402 Re: [PATCH] Avoid PTR lookups when possible

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-1923

Description

Affected Products

References