PT-2014-1909 · Nfs Utils+1 · Nfs-Utils+1

Vincent Danen · Published 2013-05-22 · Updated 2017-08-29 · CVE-2013-1923

CVSS v2.0: 3.2 (Low)
Vector: AV:A/AC:H/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions: nfs-utils versions prior to 1.2.8

Description: rpc.gssd in nfs-utils performs reverse DNS resolution for server names during GSSAPI authentication. This could allow remote attackers to read otherwise-restricted files via DNS spoofing attacks, leading to a breach of confidentiality and integrity of protected information.

Recommendations: For versions prior to 1.2.8, update to version 1.2.8 or later to resolve the issue. As a temporary workaround, consider restricting DNS resolution for server names during GSSAPI authentication to minimize the risk of exploitation.

Fix

Information Disclosure


Weakness Enumeration

Related Identifiers

BDU:2015-09773
CVE-2013-1923
MGASA-2013-0178
SUSE-SU-2013_0821-1
SUSE-SU-2013_0822-1
SUSE-SU-2013_1668-1

Affected Products

Suse
Nfs-Utils