CVE-2008-4552

The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.
Configurations

Configuration 1

cpe:2.3:a:nfs:nfs-utils:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.10:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.7:pre-2:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:0.2.1:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.7:pre-1:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:*:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:0.3.3:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.12:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.8:rc-1:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.8:rc-3:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:0.2:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.11:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.8:rc-2:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.1.0:rc-1:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.9:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:nfs:nfs-utils:1.0.8:rc-4:*:*:*:*:*:*

Information

Published : 2008-10-14 08:00

Updated : 2018-10-11 08:52


NVD link : CVE-2008-4552

Mitre link : CVE-2008-4552

Products Affected
No products.
CWE