This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Nfs | First view | 2004-06-14 |
| Product | Nfs-Utils | Last view | 2009-01-20 |
| Version | 1.0.6 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:nfs:nfs-utils | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2009-01-20 | CVE-2009-0180 | Certain Fedora build scripts for nfs-utils before 1.1.2-9.fc9 on Fedora 9, and before 1.1.4-6.fc10 on Fedora 10, omit TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions, possibly a related issue to CVE-2008-1376. |
| 7.5 | 2008-10-14 | CVE-2008-4552 | The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions. |
| 5 | 2005-01-10 | CVE-2004-1014 | statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated. |
| 10 | 2005-01-10 | CVE-2004-0946 | rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request. |
| 5 | 2004-06-14 | CVE-2004-0154 | rpc.mountd in nfs-utils after 1.0.3 and before 1.0.6 allows attackers to cause a denial of service (crash) via an NFS mount of a directory from a client whose reverse DNS lookup name is different from the forward lookup name. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (2) | CWE-264 | Permissions, Privileges, and Access Controls |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 49182 | nfs-utils NFS Netgroups TCP Wrappers hosts_ctl Function Remote Security Bypass |
| 47503 | nfs-utils for Red Hat Enterprise Linux TCP Wrapper Support Weakness Remote Se... |
| 12351 | nfs-utils getquotainfo() Remote Overflow |
| 12240 | nfs-utils rpc.statd SIGPIPE TCP Connection DoS |
| 4198 | nfs-utils rpc.mountd Malformed Reverse DNS Entry DoS |
OpenVAS Exploits
| id | Description |
|---|---|
| 2011-08-09 | Name : CentOS Update for nfs-utils CESA-2009:1321 centos5 i386 File : nvt/gb_CESA-2009_1321_nfs-utils_centos5_i386.nasl |
| 2009-10-13 | Name : SLES10: Security update for nfs-utils File : nvt/sles10_nfs-utils.nasl |
| 2009-10-10 | Name : SLES9: Security update for nfs-utils File : nvt/sles9p5040680.nasl |
| 2009-09-21 | Name : CentOS Security Advisory CESA-2009:1321 (nfs-utils) File : nvt/ovcesa2009_1321.nasl |
| 2009-09-09 | Name : RedHat Security Advisory RHSA-2009:1321 File : nvt/RHSA_2009_1321.nasl |
| 2009-03-31 | Name : Mandrake Security Advisory MDVSA-2009:060-1 (nfs-utils) File : nvt/mdksa_2009_060_1.nasl |
| 2009-03-31 | Name : Ubuntu USN-742-1 (jasper) File : nvt/ubuntu_742_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for nfs-utils vulnerability USN-687-1 File : nvt/gb_ubuntu_USN_687_1.nasl |
| 2009-03-13 | Name : Gentoo Security Advisory GLSA 200903-06 (nfs-utils) File : nvt/glsa_200903_06.nasl |
| 2009-01-20 | Name : Fedora Core 10 FEDORA-2009-0266 (nfs-utils) File : nvt/fcore_2009_0266.nasl |
| 2009-01-20 | Name : Fedora Core 9 FEDORA-2009-0297 (nfs-utils) File : nvt/fcore_2009_0297.nasl |
| 2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 11.1) File : nvt/suse_sr_2009_001.nasl |
| 2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 11.0) File : nvt/suse_sr_2009_001a.nasl |
| 2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 10.3) File : nvt/suse_sr_2009_001b.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200412-08 (nfs-utils) File : nvt/glsa_200412_08.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 606-1 (nfs-utils) File : nvt/deb_606_1.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-09-10 | nfs-utils TCP connection termination denial-of-service attempt RuleID : 50913 - Type : SERVER-OTHER - Revision : 1 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2016-03-08 | Name: The remote VMware ESX host is missing a security-related patch. File: vmware_VMSA-2010-0004_remote.nasl - Type: ACT_GATHER_INFO |
| 2013-06-29 | Name: The remote CentOS host is missing a security update. File: centos_RHSA-2009-0955.nasl - Type: ACT_GATHER_INFO |
| 2012-08-01 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20090902_nfs_utils_on_SL5_x.nasl - Type: ACT_GATHER_INFO |
| 2010-03-05 | Name: The remote VMware ESX host is missing one or more security-related patches. File: vmware_VMSA-2010-0004.nasl - Type: ACT_GATHER_INFO |
| 2010-01-06 | Name: The remote CentOS host is missing a security update. File: centos_RHSA-2009-1321.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 10 host is missing a security-related patch. File: suse_nfs-utils-5713.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_12274.nasl - Type: ACT_GATHER_INFO |
| 2009-09-02 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2009-1321.nasl - Type: ACT_GATHER_INFO |
| 2009-05-19 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2009-0955.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-687-1.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2009-060.nasl - Type: ACT_GATHER_INFO |
| 2009-03-08 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-200903-06.nasl - Type: ACT_GATHER_INFO |
| 2009-01-16 | Name: The remote Fedora host is missing a security update. File: fedora_2009-0297.nasl - Type: ACT_GATHER_INFO |
| 2009-01-16 | Name: The remote Fedora host is missing a security update. File: fedora_2009-0266.nasl - Type: ACT_GATHER_INFO |
| 2006-01-15 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-36-1.nasl - Type: ACT_GATHER_INFO |
| 2005-01-13 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2005-014.nasl - Type: ACT_GATHER_INFO |
| 2005-01-12 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2005-005.nasl - Type: ACT_GATHER_INFO |
| 2004-12-21 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2004-583.nasl - Type: ACT_GATHER_INFO |
| 2004-12-14 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-200412-08.nasl - Type: ACT_GATHER_INFO |
| 2004-12-08 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-606.nasl - Type: ACT_GATHER_INFO |
| 2004-12-07 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2004-146.nasl - Type: ACT_GATHER_INFO |
| 2004-07-06 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2004-072.nasl - Type: ACT_GATHER_INFO |
