CVE-2004-0946

Name of the Vulnerable Software and Affected Versions nfs-utils versions prior to 1.0.6-r6

Description The issue concerns multiple vulnerabilities in the nfs-utils package, which can be exploited remotely to compromise the confidentiality, integrity, and availability of protected information. Specifically, the rquotad component in nfs-utils contains a flaw in integer conversion on 64-bit architectures, leading to a stack-based buffer overflow. This allows remote attackers to execute arbitrary code via a crafted NFS request.

Recommendations For nfs-utils versions prior to 1.0.6-r6, update to version 1.0.6-r6 or later to resolve the issue. As a temporary workaround, consider restricting access to the rquotad service to minimize the risk of exploitation.