| Revision Date: | 2014-12-08 | Version: | 4 | | Title: | RHSA-2011:1534 -- nfs-utils security, bug fix, and enhancement update (Low) | | Description: | The nfs-utils packages provide a daemon for the kernel Network File System(NFS) server, and related tools such as the mount.nfs, umount.nfs, andshowmount programs.A flaw was found in the way nfs-utils performed IP based authentication ofmount requests. In configurations where a directory was exported to a groupof systems using a DNS wildcard or NIS (Network Information Service)netgroup, an attacker could possibly gain access to other directoriesexported to a specific host or subnet, bypassing intended accessrestrictions. (CVE-2011-2500)It was found that the mount.nfs tool did not handle certain errorscorrectly when updating the mtab (mounted file systems table) file. A localattacker could use this flaw to corrupt the mtab file. (CVE-2011-1749)This update also fixes several bugs and adds an enhancement. Documentationfor these bug fixes and the enhancement will be available shortly from theTechnical Notes document, linked to in the References section.Users of nfs-utils are advised to upgrade to these updated packages, whichcontain backported patches to resolve these issues and add thisenhancement. After installing this update, the nfs service will berestarted automatically. | | Family: | unix | Class: | patch | | Status: | ACCEPTED | Reference(s): | CVE-2011-1749
CVE-2011-2500
RHSA-2011:1534
| | Platform(s): | Red Hat Enterprise Linux 6
| Product(s): | nfs-utils
| | Definition Synopsis | | The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages match section
nfs-utils is earlier than 0:1.2.3-15.el6
OR nfs-utils-debuginfo is earlier than 0:1.2.3-15.el6
|
|