PT-2007-5333 · Linux Nfs+1 · Nfsidmap+1

Publicado

2007-09-05

Atualizado

2017-09-29

CVE-2007-4135

CVSS v2.0

6.2

Média

Vetor

AV:L/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions nfsidmap versions prior to 0.17

Description The issue arises from the NFSv4 ID mapper (nfsidmap) not properly handling return values from the getpwnam r function during username lookup. This can lead to incorrect file ownership reporting, where a file is reported as being owned by "root" instead of "nobody" if the file exists on the server but not on the client.

Recommendations For versions prior to 0.17, update to version 0.17 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-4135

RHSA-2007:0951

RHSA-2007_0951

Produtos afetados

Red Hat

Nfsidmap

PT-2007-5333 · Linux Nfs+1 · Nfsidmap+1

CVE-2007-4135

Identificadores relacionados

Produtos afetados

Referências · 19