Vulnerabilities (CVE)

Filtered by vendor Nfs Subscribe
Filtered by product Nfs-utils
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-0180 2 Nfs, Redhat 2 Nfs-utils, Fedora 2024-11-21 7.5 HIGH N/A
Certain Fedora build scripts for nfs-utils before 1.1.2-9.fc9 on Fedora 9, and before 1.1.4-6.fc10 on Fedora 10, omit TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions, possibly a related issue to CVE-2008-1376.
CVE-2008-4552 1 Nfs 1 Nfs-utils 2024-11-21 7.5 HIGH N/A
The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.
CVE-2004-1014 4 Debian, Mandrakesoft, Nfs and 1 more 6 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 3 more 2024-11-20 5.0 MEDIUM N/A
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
CVE-2004-0946 2 Nfs, Redhat 3 Nfs-utils, Enterprise Linux, Enterprise Linux Desktop 2024-11-20 10.0 HIGH N/A
rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request.
CVE-2004-0154 1 Nfs 1 Nfs-utils 2024-11-20 5.0 MEDIUM N/A
rpc.mountd in nfs-utils after 1.0.3 and before 1.0.6 allows attackers to cause a denial of service (crash) via an NFS mount of a directory from a client whose reverse DNS lookup name is different from the forward lookup name.
CVE-2003-0252 1 Nfs 1 Nfs-utils 2024-11-20 10.0 HIGH 9.8 CRITICAL
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines.