PT-2004-1069 · Nfs Utils · Nfs-Utils

Published

2004-12-08

Updated

2018-10-19

CVE-2004-1014

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions nfs-utils versions 1.257 and earlier nfs-utils version 0.3.3

Description The issue allows remote attackers to cause a denial of service, potentially leading to a server process crash via a prematurely terminated TCP connection. Multiple vulnerabilities in the nfs-utils package may compromise the confidentiality, integrity, and availability of protected information, and can be exploited remotely.

Recommendations For nfs-utils versions 1.257 and earlier, consider ignoring the SIGPIPE signal to prevent server process crashes. For nfs-utils version 0.3.3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

BDU:2015-06446

CVE-2004-1014

DSA-606-1

RHSA-2004:583

Affected Products

Nfs-Utils

PT-2004-1069 · Nfs Utils · Nfs-Utils

CVE-2004-1014

Related Identifiers

Affected Products

References · 16