Your submission was sent successfully! Close

CVE-2008-4552

Published: 14 October 2008

The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.

Priority

Medium

Status

Package Release Status
nfs-utils
Launchpad, Ubuntu, Debian
dapper
Released (1:1.0.7-3ubuntu2.1)
gutsy
Released (1:1.1.1~git-20070709-3ubuntu1.1)
hardy
Released (1:1.1.2-2ubuntu2.2)
intrepid
Released (1:1.1.2-4ubuntu1.1)
upstream
Released (1.1.3)