Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nfs-utils vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-3689
The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and manag...
Linux-nfs Nfs-utils
9.8
CVSSv3
CVE-2003-0252
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) prior to 1.0.4 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines.
Linux-nfs Nfs-utils
7
CVSSv3
CVE-2017-2624
It was found that xorg-x11-server prior to 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is...
X.org Xorg-server
Debian Debian Linux 7.0
1 Github repository
NA
CVE-2011-1749
The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.nsf tool in nfs-utils prior to 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a sma...
Linux-nfs Nfs-utils
Linux-nfs Nfs-utils 1.2.0
Linux-nfs Nfs-utils 1.2.1
Linux-nfs Nfs-utils 1.2.2
NA
CVE-2011-2500
The host_reliable_addrinfo function in support/export/hostname.c in nfs-utils prior to 1.2.4 does not properly use DNS to verify access to NFS exports, which allows remote malicious users to mount filesystems by establishing crafted DNS A and PTR records.
Linux-nfs Nfs-utils 1.2.1
Linux-nfs Nfs-utils 1.2.0
Linux-nfs Nfs-utils
Linux-nfs Nfs-utils 1.2.2
NA
CVE-2013-1923
rpc-gssd in nfs-utils prior to 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote malicious users to read otherwise-restricted files via DNS spoofing attacks.
Linux-nfs Nfs-utils 1.2.2
Linux-nfs Nfs-utils 1.2.1
Linux-nfs Nfs-utils
Linux-nfs Nfs-utils 1.2.6
Linux-nfs Nfs-utils 1.2.5
Linux-nfs Nfs-utils 1.2.4
Linux-nfs Nfs-utils 1.2.3
Linux-nfs Nfs-utils 1.2.0
NA
CVE-2009-0180
Certain Fedora build scripts for nfs-utils prior to 1.1.2-9.fc9 on Fedora 9, and prior to 1.1.4-6.fc10 on Fedora 10, omit TCP Wrapper support, which might allow remote malicious users to bypass intended access restrictions, possibly a related issue to CVE-2008-1376.
Nfs Nfs-utils 0.2.1
Nfs Nfs-utils 1.0
Nfs Nfs-utils 1.0.3
Nfs Nfs-utils 1.0.8
Nfs Nfs-utils 1.0.12
Nfs Nfs-utils 0.3.1
Nfs Nfs-utils 1.0.1
Nfs Nfs-utils 1.0.4
Nfs Nfs-utils 1.1.0
Nfs Nfs-utils
Nfs Nfs-utils 0.3.3
Nfs Nfs-utils 0.2
Nfs Nfs-utils 1.0.7
Nfs Nfs-utils 1.0.11
Nfs Nfs-utils 1.0.10
Nfs Nfs-utils 1.0.9
Nfs Nfs-utils 1.0.6
Nfs Nfs-utils 1.0.2
Nfs Nfs-utils 1.1.1
Nfs Nfs-utils 1.1.2
Nfs Nfs-utils 1.1.3
NA
CVE-2008-4552
The good_client function in nfs-utils 1.0.9, and possibly other versions prior to 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote malicious users to bypass intended access restrictions.
Nfs Nfs-utils 0.3.1
Nfs Nfs-utils 0.2.1
Nfs Nfs-utils 1.0.3
Nfs Nfs-utils 1.0.6
Nfs Nfs-utils 1.0.8
Nfs Nfs-utils
Nfs Nfs-utils 0.2
Nfs Nfs-utils 1.0.2
Nfs Nfs-utils 1.0.7
Nfs Nfs-utils 1.0.11
Nfs Nfs-utils 1.0.12
Nfs Nfs-utils 1.0
Nfs Nfs-utils 0.3.3
Nfs Nfs-utils 1.0.9
Nfs Nfs-utils 1.0.10
Nfs Nfs-utils 1.0.1
Nfs Nfs-utils 1.0.4
Nfs Nfs-utils 1.1.0
Nfs Nfs-utils 1.1.1
NA
CVE-2008-1376
A certain Red Hat build script for nfs-utils prior to 1.0.9-35z.el5_2 on Red Hat Enterprise Linux (RHEL) 5 omits TCP wrappers support, which might allow remote malicious users to bypass intended access restrictions.
Redhat Nfs Utils 1.0.9
NA
CVE-2004-0946
rquotad in nfs-utils (rquota_server.c) prior to 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote malicious users to execute arbitrary code via a crafted NFS request.
Nfs Nfs-utils 1.0.1
Nfs Nfs-utils 1.0.2
Nfs Nfs-utils 1.0.6
Nfs Nfs-utils 1.0.3
Nfs Nfs-utils 1.0.4
Nfs Nfs-utils 1.0
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »