USN-687-1: nfs-utils vulnerability

12-04-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

USN-687-1: nfs-utils vulnerability

Referenced CVEs:
CVE-2008-4552

Description:
=========================================================== Ubuntu Security Notice USN-687-1 December 04, 2008 nfs-utils vulnerability CVE-2008-4552 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: nfs-kernel-server 1:1.0.7-3ubuntu2.1 Ubuntu 7.10: nfs-kernel-server 1:1.1.1~git-20070709-3ubuntu1.1 Ubuntu 8.04 LTS: nfs-kernel-server 1:1.1.2-2ubuntu2.2 Ubuntu 8.10: nfs-kernel-server 1:1.1.2-4ubuntu1.1 After a standard system upgrade you need to restart nfs services to effect the necessary changes. Details follow: It was discovered that nfs-utils did not properly enforce netgroup restrictions when using TCP Wrappers. Remote attackers could bypass the netgroup restrictions enabled by the administrator and possibly gain access to sensitive information.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

USN-TOMBSTONE-CLEANUP.PL(8) System Manager's Manual USN-TOMBSTONE-CLEANUP.PL(8) NAME
usn-tombstone-cleanup.pl - Directory Server perl script for cleaning up tombstone entries. SYNOPSIS
usn-tombstone-cleanup.pl [-Z serverID] [-D rootdn] { -w password | -w - | -j filename } -s suffix -n backend [-m maxusn_to_delete] [-P pro- tocol] [-v] [-h] DESCRIPTION
Deletes the tombstone entries maintained by the instance if the USN Plug-in is enabled. OPTIONS
A summary of options is included below: -Z Server Identifier The server ID of the Directory Server instance. If there is only one instance on the system, this option can be skipped. -D Root DN The Directory Manager DN, or root DN. If not specified, the script will search the server instance configuration for the value. -w password The rootdn password. -w - Prompt for the rootdn password. -j password filename The name of the file that contains the root DN password. -s suffix Gives the name of the suffix containing the entries to clean/delete. -n backend Gives the name of the database containing the entries to clean/delete. Example, userRoot. -m maxusn_to_delete Sets the upper bound for entries to delete. All tombstone entries with an entryUSN value up to the specified maximum (inclusive) are deleted, but not past that USN value. If no maximum USN value is set, then all backend tombstone entries are deleted. -P protocol The connection protocol to connect to the Directory Server. Protocols are STARTTLS, LDAPS, LDAPI, and LDAP. If this option is skipped, the most secure protocol that is available is used. For LDAPI, AUTOBIND is also available for the root user. -v Display verbose ouput -h Display usage EXAMPLE
usn-tombstone-cleanup.pl -Z instance2 -D 'cn=directory manager' -w password -n userRoot -s 'ou=people,dc=example,dc=com' -P STARTTLS Note: security must be enabled to use protocol STARTTLS. If STARTTLS is not available it will default to next strongest/available protocol automatically. DIAGNOSTICS
Exit status is zero if no errors occur. Errors result in a non-zero exit status and a diagnostic message being written to standard error. AUTHOR
usn-tombstone-cleanup.pl was written by the 389 Project. REPORTING BUGS
Report bugs to http://bugzilla.redhat.com. COPYRIGHT
Copyright (C) 2013 Red Hat, Inc. Mar 5, 2013 USN-TOMBSTONE-CLEANUP.PL(8)

Security Advisories (RSS)

USN-687-1: nfs-utils vulnerability

LEARN ABOUT CENTOS

usn-tombstone-cleanup.pl