Oval Definition:oval:com.redhat.rhsa:def:20070913
Revision Date:2007-09-19Version:635
Title:RHSA-2007:0913: nfs-utils-lib security update (Important)
Description:The nfs-utils-lib package contains support libraries that are needed by the commands and daemons of the nfs-utils package.

  • Tenable Network Security discovered a stack buffer overflow flaw in the RPC library used by nfs-utils-lib. A remote unauthenticated attacker who can access an application linked against nfs-utils-lib could trigger this flaw and cause the application to crash. On Red Hat Enterprise Linux 4 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE. (CVE-2007-3999)

    Users of nfs-utils-lib are advised to upgrade to this updated package, which contains a backported patch that resolves this issue.
  • Family:unixClass:patch
    Status:Reference(s):CVE-2007-3999
    RHSA-2007:0913
    RHSA-2007:0913-02
    RHSA-2007:0913-02
    Platform(s):Red Hat Enterprise Linux 4
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • nfs-utils-lib is earlier than 0:1.0.6-8.z1
  • AND nfs-utils-lib is signed with Red Hat redhatrelease2 key
  • nfs-utils-lib-devel is earlier than 0:1.0.6-8.z1
  • AND nfs-utils-lib-devel is signed with Red Hat redhatrelease2 key
  • BACK