PT-2007-5333 · Linux Nfs+1 · Nfsidmap+1

Published

2007-09-05

Updated

2017-09-29

CVE-2007-4135

CVSS v2.0

6.2

Medium

Vector

AV:L/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions nfsidmap versions prior to 0.17

Description The issue arises from the NFSv4 ID mapper (nfsidmap) not properly handling return values from the getpwnam r function during username lookup. This can lead to incorrect file ownership reporting, where a file is reported as being owned by "root" instead of "nobody" if the file exists on the server but not on the client.

Recommendations For versions prior to 0.17, update to version 0.17 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-4135

RHSA-2007:0951

RHSA-2007_0951

Affected Products

Red Hat

Nfsidmap

PT-2007-5333 · Linux Nfs+1 · Nfsidmap+1

CVE-2007-4135

Related Identifiers

Affected Products

References · 19