Certain Fedora build scripts for nfs-utils before 1.1.2-9.fc9 on Fedora 9, and before 1.1.4-6.fc10 on Fedora 10, omit TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions, possibly a related issue to CVE-2008-1376.
Max CVSS
7.5
EPSS Score
1.18%
Published
2009-01-20
Updated
2017-08-08
The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.
Max CVSS
7.5
EPSS Score
1.81%
Published
2008-10-14
Updated
2018-10-11
2 vulnerabilities found