CVE-2008-4552

Related Files

VMware Security Advisory 2010-0004

Posted Mar 5, 2010

Authored by VMware | Site vmware.com

VMware Security Advisory - Updates have been issues for ESX Service Console newt, nfs-utils, and glib2 packages. vMA updates for newt, nfs-util, glib2, kpartx, libvolume-id, device-mapper-multipath, fipscheck, dbus, dbus-libs, ed, openssl, bind, expat, openssh, ntp and kernel packages have also been issued.

tags | advisory, kernel

advisories | CVE-2009-2905, CVE-2008-4552, CVE-2008-4316, CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386, CVE-2009-1387, CVE-2009-0590, CVE-2009-4022, CVE-2009-3560, CVE-2009-3720, CVE-2009-2904, CVE-2009-3563, CVE-2009-2695, CVE-2009-2849, CVE-2009-2695, CVE-2009-2908

SHA-256 | 0ae5770077c762418cfd24f3ee041e3030eda4c4cf779c13c8b5a0c5d3c879ca

Download | Favorite | View

Mandriva Linux Security Advisory 2009-060

Posted Mar 20, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-060-1 - A security vulnerability has been identified and fixed in nfs-utils, which caused TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions. The updated packages have been patched to prevent this. The Corporate Server 4 packages had the wrong release number (lower than before) which prevented the update packages from being installed automatically. This problem has now been solved with new packages with the correct release number.

tags | advisory, remote, tcp

systems | linux, mandriva

advisories | CVE-2008-4552

SHA-256 | fb8a0645d60f88224f69188bd2314dc54eb2e4a2b2fb67caeff72743794909ce

Download | Favorite | View

Gentoo Linux Security Advisory 200903-6

Posted Mar 8, 2009

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-06 - An error in nfs-utils allows for bypass of the netgroups restriction. Michele Marcionelli reported that nfs-utils invokes the hosts_ctl() function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups. Versions less than 1.1.3 are affected.

tags | advisory, tcp

systems | linux, gentoo

advisories | CVE-2008-4552

SHA-256 | 9b39b04606335bdaab1674b4b1ffa216be3d10650cb082d83a7346141c09d41f

Download | Favorite | View

Mandriva Linux Security Advisory 2009-060

Posted Feb 28, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-060 - A security vulnerability has been identified and fixed in nfs-utils, which caused TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions. The updated packages have been patched to prevent this.

tags | advisory, remote, tcp

systems | linux, mandriva

advisories | CVE-2008-4552

SHA-256 | da212191a1329f49dc12a74f1baeb0e24c0a5199871ba6584fea2f691b1313ad

Download | Favorite | View

Ubuntu Security Notice 687-1

Posted Dec 5, 2008

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-687-1 - It was discovered that nfs-utils did not properly enforce netgroup restrictions when using TCP Wrappers. Remote attackers could bypass the netgroup restrictions enabled by the administrator and possibly gain access to sensitive information.

tags | advisory, remote, tcp

systems | linux, ubuntu

advisories | CVE-2008-4552

SHA-256 | 0e029fa8bda37ed3cf0f9126cfa820ca959375ddc18ac3877aac2310186972bd

Download | Favorite | View