National Vulnerability Database (NVD) National Vulnerability Database (CVE-2008-4552)

National Cyber Awareness System

Vulnerability Summary for CVE-2008-4552

Original release date:10/14/2008

Last revised:01/23/2013

Source: US-CERT/NIST

Overview

The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 10.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Not required to exploit

Impact Type:Provides unauthorized access, Allows partial confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service

Vendor Statements (disclaimer)

Official Statement from Red Hat (09/02/2009)

This issue affected Red Hat Enterprise Linux 5 and was addressed by https://rhn.redhat.com/errata/RHSA-2009-1321.html

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: BID

Name: 31823

Type: Patch Information

Hyperlink:http://www.securityfocus.com/bid/31823

External Source: CONFIRM

Name: https://bugzilla.redhat.com/show_bug.cgi?id=458676

Hyperlink:https://bugzilla.redhat.com/show_bug.cgi?id=458676

External Source: CONFIRM

Name: https://bugzilla.redhat.com/show_bug.cgi?id=458676

Hyperlink:https://bugzilla.redhat.com/show_bug.cgi?id=458676

External Source: XF

Name: nfsutils-hostctl-security-bypass(45895)

Hyperlink:http://xforce.iss.net/xforce/xfdb/45895

External Source: VUPEN

Name: ADV-2010-0528

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2010/0528

External Source: UBUNTU

Name: USN-687-1

Hyperlink:http://www.ubuntu.com/usn/USN-687-1

External Source: BUGTRAQ

Name: 20081030 rPSA-2008-0307-1 nfs-client nfs-server nfs-utils

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/497935/100/0/threaded

External Source: REDHAT

Name: RHSA-2009:1321

Hyperlink:http://www.redhat.com/support/errata/RHSA-2009-1321.html

External Source: MLIST

Name: [oss-security] 20120719 Re: CVE Request: quota: incorrect use of tcp_wrappers

Hyperlink:http://www.openwall.com/lists/oss-security/2012/07/19/5

External Source: MLIST

Name: [oss-security] 20120719 CVE Request: quota: incorrect use of tcp_wrappers

Hyperlink:http://www.openwall.com/lists/oss-security/2012/07/19/2

External Source: MANDRIVA

Name: MDVSA-2009:060

Hyperlink:http://www.mandriva.com/security/advisories?name=MDVSA-2009:060

External Source: CONFIRM

Name: http://wiki.rpath.com/Advisories:rPSA-2008-0307

Hyperlink:http://wiki.rpath.com/Advisories:rPSA-2008-0307

External Source: SECUNIA

Name: 38833

Type: Advisory

Hyperlink:http://secunia.com/advisories/38833

External Source: SECUNIA

Name: 38794

Type: Advisory

Hyperlink:http://secunia.com/advisories/38794

External Source: SECUNIA

Name: 36538

Hyperlink:http://secunia.com/advisories/36538

External Source: SECUNIA

Name: 33006

Type: Advisory

Hyperlink:http://secunia.com/advisories/33006

External Source: SECUNIA

Name: 32481

Type: Advisory

Hyperlink:http://secunia.com/advisories/32481

External Source: SECUNIA

Name: 32346

Type: Advisory

Hyperlink:http://secunia.com/advisories/32346

External Source: OVAL

Name: oval:org.mitre.oval:def:8325

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8325

External Source: OVAL

Name: oval:org.mitre.oval:def:11544

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11544

External Source: MLIST

Name: [security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates

Hyperlink:http://lists.vmware.com/pipermail/security-announce/2010/000082.html

References to Check Content

Identifier:oval:org.mitre.oval:def:11544

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11544

Identifier:oval:org.mitre.oval:def:8325

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:8325

Vulnerable software and versions

Configuration 1

* cpe:/a:nfs:nfs-utils:0.3.1

* cpe:/a:nfs:nfs-utils:0.2.1

* cpe:/a:nfs:nfs-utils:1.0

* cpe:/a:nfs:nfs-utils:0.3.3

* cpe:/a:nfs:nfs-utils:0.2

* cpe:/a:nfs:nfs-utils:1.0.2

* cpe:/a:nfs:nfs-utils:1.0.1

* cpe:/a:nfs:nfs-utils:1.0.4

* cpe:/a:nfs:nfs-utils:1.0.3

* cpe:/a:nfs:nfs-utils:1.0.6

* cpe:/a:nfs:nfs-utils:1.0.7

* cpe:/a:nfs:nfs-utils:1.0.7:pre-1

* cpe:/a:nfs:nfs-utils:1.0.7:pre-2

* cpe:/a:nfs:nfs-utils:1.0.8

* cpe:/a:nfs:nfs-utils:1.0.8:rc-1

* cpe:/a:nfs:nfs-utils:1.0.8:rc-2

* cpe:/a:nfs:nfs-utils:1.0.8:rc-3

* cpe:/a:nfs:nfs-utils:1.0.8:rc-4

* cpe:/a:nfs:nfs-utils:1.0.9

* cpe:/a:nfs:nfs-utils:1.0.10

* cpe:/a:nfs:nfs-utils:1.0.11

* cpe:/a:nfs:nfs-utils:1.0.12

* cpe:/a:nfs:nfs-utils:1.1.0

* cpe:/a:nfs:nfs-utils:1.1.0:rc-1

* cpe:/a:nfs:nfs-utils:1.1.1

* cpe:/a:nfs:nfs-utils:1.1.2 and previous versions

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Permissions, Privileges, and Access Control (CWE-264)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552