Date: Tue, 14 Oct 2008 14:47:51 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: oss-security <oss-security@...ts.openwall.com> cc: coley <coley@...re.org> Subject: Re: CVE Request (nfs-utils) ====================================================== Name: CVE-2008-4552 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552 Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=458676 nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the host_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.