CVE-2006-0043

Name of the Vulnerable Software and Affected Versions nfs-user-server versions (affected versions not specified) nfs-server rpc.mountd versions 9.1 through 10.0

Description The issue involves multiple vulnerabilities in the nfs-user-server package of Debian GNU/Linux and a buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux. These vulnerabilities can be exploited by a local attacker to compromise the confidentiality, integrity, and availability of protected information. The exploitation of the buffer overflow in nfs-server rpc.mountd allows local users to execute arbitrary code via unspecified vectors involving mount requests and symlinks.

Recommendations For nfs-user-server, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For nfs-server rpc.mountd versions 9.1 through 10.0, update to a version outside of this range to mitigate the risk.