Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linux-nfs vulnerabilities and exploits
(subscribe to this query)
285
VMScore
CVE-2013-1923
rpc-gssd in nfs-utils prior to 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote malicious users to read otherwise-restricted files via DNS spoofing attacks.
Linux-nfs Nfs-utils 1.2.2
Linux-nfs Nfs-utils 1.2.1
Linux-nfs Nfs-utils
Linux-nfs Nfs-utils 1.2.6
Linux-nfs Nfs-utils 1.2.5
Linux-nfs Nfs-utils 1.2.4
Linux-nfs Nfs-utils 1.2.3
Linux-nfs Nfs-utils 1.2.0
294
VMScore
CVE-2011-1749
The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.nsf tool in nfs-utils prior to 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a sma...
Linux-nfs Nfs-utils
Linux-nfs Nfs-utils 1.2.0
Linux-nfs Nfs-utils 1.2.1
Linux-nfs Nfs-utils 1.2.2
668
VMScore
CVE-2011-2500
The host_reliable_addrinfo function in support/export/hostname.c in nfs-utils prior to 1.2.4 does not properly use DNS to verify access to NFS exports, which allows remote malicious users to mount filesystems by establishing crafted DNS A and PTR records.
Linux-nfs Nfs-utils 1.2.1
Linux-nfs Nfs-utils 1.2.0
Linux-nfs Nfs-utils
Linux-nfs Nfs-utils 1.2.2
890
VMScore
CVE-2019-3689
The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and manag...
Linux-nfs Nfs-utils
890
VMScore
CVE-2003-0252
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) prior to 1.0.4 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines.
Linux-nfs Nfs-utils
NA
CVE-2024-26629
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASE_LOCKOWNER The test on so_count in nfsd4_release_lockowner() is nonsense and harmful. Revert to using check_for_locks(), changing that to not sleep. First: harmful. As is documented in the kdoc c...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started