Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-687-1: nfs-utils vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-687-1: nfs-utils vulnerability
# 1  
Old 12-04-2008
USN-687-1: nfs-utils vulnerability
Referenced CVEs:
CVE-2008-4552


Description:
=========================================================== Ubuntu Security Notice USN-687-1 December 04, 2008 nfs-utils vulnerability CVE-2008-4552 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: nfs-kernel-server 1:1.0.7-3ubuntu2.1 Ubuntu 7.10: nfs-kernel-server 1:1.1.1~git-20070709-3ubuntu1.1 Ubuntu 8.04 LTS: nfs-kernel-server 1:1.1.2-2ubuntu2.2 Ubuntu 8.10: nfs-kernel-server 1:1.1.2-4ubuntu1.1 After a standard system upgrade you need to restart nfs services to effect the necessary changes. Details follow: It was discovered that nfs-utils did not properly enforce netgroup restrictions when using TCP Wrappers. Remote attackers could bypass the netgroup restrictions enabled by the administrator and possibly gain access to sensitive information.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT V7

mount.nfs

MOUNT.NFS(8)						      System Manager's Manual						      MOUNT.NFS(8)

NAME

       mount.nfs, mount.nfs4 - mount a Network File System

SYNOPSIS

       mount.nfs remotetarget dir [-rvVwfnsh ] [-o options]

DESCRIPTION

       mount.nfs is a part of nfs(5) utilities package, which provides NFS client functionality.

       mount.nfs  is  meant to be used by the mount(8) command for mounting NFS shares. This subcommand, however, can also be used as a standalone
       command with limited functionality.

       remotetarget is a server share usually in the form of servername:/path/to/share.  dir is the directory on which the file system	is  to	be
       mounted.

       Under  Linux  2.6.32  and  later  kernel  versions, mount.nfs can mount all NFS file system versions.  Under earlier Linux kernel versions,
       mount.nfs4 must be used for mounting NFSv4 file systems while mount.nfs must be used for NFSv3 and v2.

OPTIONS

       -r     Mount file system readonly.

       -v     Be verbose.

       -V     Print version.

       -w     Mount file system read-write.

       -f     Fake mount. Don't actually call the mount system call.

       -n     Do not update /etc/mtab.	By default, an entry is created in /etc/mtab for every mounted file system. Use this option to skip making
	      an entry.

       -s     Tolerate sloppy mount options rather than fail.

       -h     Print help message.

       nfsoptions
	      Refer to nfs(5) or mount(8) manual pages.

NOTE

       For further information please refer nfs(5) and mount(8) manual pages.

FILES

       /etc/fstab	 file system table

       /etc/mtab	 table of mounted file systems

SEE ALSO

       nfs(5), mount(8),

AUTHOR

       Amit Gud <agud@redhat.com>

								    5 Jun 2006							      MOUNT.NFS(8)