MidnightBSD

Advisories for nfs

CVE-2004-0154 MEDIUM

rpc.mountd in nfs-utils after 1.0.3 and before 1.0.6 allows attackers to cause a denial of service (crash) via an NFS mount of a directory from a client whose reverse DNS lookup name is different from the forward lookup name.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
nfs nfs-utils 1.0
nfs nfs-utils 1.0.1
nfs nfs-utils 1.0.6
nfs nfs-utils 1.0.3
nfs nfs-utils 1.0.4
CVE-2004-0946 HIGH

rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 3.0
redhat enterprise_linux 3.0
nfs nfs-utils 1.0
nfs nfs-utils 1.0.1
nfs nfs-utils 1.0.2
nfs nfs-utils 1.0.6
nfs nfs-utils 1.0.3
nfs nfs-utils 1.0.4
CVE-2004-1014 MEDIUM

statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 3.0
redhat enterprise_linux 3.0
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 9.2
mandrakesoft mandrake_linux 10.1
nfs nfs-utils 1.0.6
debian debian_linux 3.0
mandrakesoft mandrake_linux 10.0