PT-2007-1505 · Red Hat · Red Hat

Published: 2007-09-18 · Updated: 2008-09-05 · CVE-2007-0004

CVSS v2.0: 1.9 (Low)

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Linux (RHEL) version 3

Description: The issue concerns the NFS client implementation in the kernel. When a filesystem is mounted with the noacl option, the client checks permissions for the open system call using VFS permission (mode bits) data rather than an NFS ACCESS call to the server. This allows local client processes to obtain a false success status from open calls that the server would deny, and possibly to obtain sensitive information about file permissions on the server.

Recommendations: For Red Hat Enterprise Linux (RHEL) version 3, consider mounting filesystems with the acl option instead of noacl to ensure proper permission checks are performed via NFS ACCESS calls to the server. As a temporary workaround, restrict access to sensitive files and directories to minimize the risk of exploitation.
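
A check for the mount option discussed above, as an added example that is not part of the original advisory: it lists NFS entries that carry noacl. It assumes fstab-style input (as in /etc/fstab or /proc/mounts) in which the option appears literally; the function names, host names and paths in the sample are constructed.

```shell
#!/bin/sh
# Added example: flag NFS entries in a mount table that use the noacl option.
# Assumed input format (fstab / /proc/mounts style):
#   <device> <mountpoint> <fstype> <options> [dump] [pass]

# nfs_noacl_mounts [FILE...]
# Prints "<mountpoint> <device>" for each NFS entry whose option list contains
# noacl as a whole option. Reads stdin when no file is given.
# Exit status: 0 if no such entry was found, 1 if at least one was found.
nfs_noacl_mounts() {
    awk '
        /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
        $3 ~ /^nfs[0-9]*$/ {                 # NFS filesystem types only
            n = split($4, opt, ",")          # compare whole options, not substrings
            for (i = 1; i <= n; i++)
                if (opt[i] == "noacl") { print $2, $1; found = 1; break }
        }
        END { exit found ? 1 : 0 }
    ' "$@"
}

# Constructed sample mount table, not taken from a real host.
sample_mount_table() {
    cat <<'EOF'
# device                    mountpoint fstype options            dump pass
/dev/sda1                   /          ext3   rw                 0 0
/dev/sdb1                   /data      ext3   rw,noacl           0 0
filer.example:/export/home  /home      nfs    rw,noacl,hard,intr 0 0
filer.example:/export/pub   /pub       nfs    ro,acl             0 0
EOF
}

# Demo run on the sample: only the /home NFS mount is reported; the local
# ext3 filesystem with noacl is ignored because it is not an NFS mount.
sample_mount_table | nfs_noacl_mounts || true
```

On a live system, run `nfs_noacl_mounts /proc/mounts /etc/fstab`; a non-zero exit status means at least one NFS entry uses noacl.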

Related identifiers: CVE-2007-0004

Affected products: Red Hat