PT-2003-1985 · Novell · Novell Netware 6.5

Published

2003-12-10

Updated

2017-07-11

CVE-2003-0976

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Novell NetWare 6.5

Description The issue concerns the NFS Server (XNFS.NLM) not properly enforcing the sys:etcexports configuration when hostname aliases from the sys:etchosts file are used. This could potentially allow users to mount file systems that should be denied access to by the XNFS configuration.

Recommendations For Novell NetWare 6.5, ensure that the sys:etcexports file is properly configured to deny access to hosts that should not have access to the file systems, and consider restricting the use of hostname aliases in the sys:etchosts file until a proper fix is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0976

Affected Products

Novell Netware 6.5

PT-2003-1985 · Novell · Novell Netware 6.5

CVE-2003-0976

Related Identifiers

Affected Products

References · 3