LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: December 19th, 2014
Linux Advisory Watch: December 12th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Ubuntu: nfs-utils vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu It was discovered that nfs-utils did not properly enforce netgroup restrictions when using TCP Wrappers. Remote attackers could bypass the netgroup restrictions enabled by the administrator and possibly gain access to sensitive information.
===========================================================
Ubuntu Security Notice USN-687-1          December 04, 2008
nfs-utils vulnerability
CVE-2008-4552
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS
Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  nfs-kernel-server               1:1.0.7-3ubuntu2.1

Ubuntu 7.10:
  nfs-kernel-server               1:1.1.1~git-20070709-3ubuntu1.1

Ubuntu 8.04 LTS:
  nfs-kernel-server               1:1.1.2-2ubuntu2.2

Ubuntu 8.10:
  nfs-kernel-server               1:1.1.2-4ubuntu1.1

After a standard system upgrade you need to restart nfs services to effect
the necessary changes.

Details follow:

It was discovered that nfs-utils did not properly enforce netgroup
restrictions when using TCP Wrappers. Remote attackers could bypass the
netgroup restrictions enabled by the administrator and possibly gain
access to sensitive information.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-utils_1.0.7-3ubuntu2.1.diff.gz
      Size/MD5:    26729 5926412b5a7d5318b1b90747cade6294
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-utils_1.0.7-3ubuntu2.1.dsc
      Size/MD5:      698 28b88a044214b04388c55c9e206b48c5
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-utils_1.0.7.orig.tar.gz
      Size/MD5:   401155 73d8af4367c79f31f68a4ca45422fd17

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.0.7-3ubuntu2.1_amd64.deb
      Size/MD5:   105890 d8e004d18150e3d6e91575e91b9f3c0c
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-kernel-server_1.0.7-3ubuntu2.1_amd64.deb
      Size/MD5:   125960 7ddc8bb36714d4ee3db12ce91adbda22
    http://security.ubuntu.com/ubuntu/pool/universe/n/nfs-utils/nhfsstone_1.0.7-3ubuntu2.1_amd64.deb
      Size/MD5:    45058 d7f5a96c16456e520a28e0c0cb31cb0c

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.0.7-3ubuntu2.1_i386.deb
      Size/MD5:    94970 37cc41d6a9ad5505cb32528f14ec647f
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-kernel-server_1.0.7-3ubuntu2.1_i386.deb
      Size/MD5:   112816 e47956631dcb0c8980cd0f72a4e8428e
    http://security.ubuntu.com/ubuntu/pool/universe/n/nfs-utils/nhfsstone_1.0.7-3ubuntu2.1_i386.deb
      Size/MD5:    43208 c0a0ff484719033e7be7ef166d54602f

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.0.7-3ubuntu2.1_powerpc.deb
      Size/MD5:   107416 aac5f08b6f0f1fb5dea98a574d129225
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-kernel-server_1.0.7-3ubuntu2.1_powerpc.deb
      Size/MD5:   123988 dac1ae13e726e5e8bdca56aae8ab2a23
    http://security.ubuntu.com/ubuntu/pool/universe/n/nfs-utils/nhfsstone_1.0.7-3ubuntu2.1_powerpc.deb
      Size/MD5:    44786 b65159109f7d2f0678350194be9b25c8

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.0.7-3ubuntu2.1_sparc.deb
      Size/MD5:    96252 8628208ebf8634aeb657c1f99c34ec83
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-kernel-server_1.0.7-3ubuntu2.1_sparc.deb
      Size/MD5:   114508 a96b1eab0b5a39e0062ad2c1592c2bd6
    http://security.ubuntu.com/ubuntu/pool/universe/n/nfs-utils/nhfsstone_1.0.7-3ubuntu2.1_sparc.deb
      Size/MD5:    44092 fffba1487c5b3660c592bfe6e5bdc935

Updated packages for Ubuntu 7.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-utils_1.1.1~git-20070709-3ubuntu1.1.diff.gz
      Size/MD5:    30941 387a16c1bfc126fe5228b7cd7f895b47
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-utils_1.1.1~git-20070709-3ubuntu1.1.dsc
      Size/MD5:     1041 ee2f5835d47387259a1ffc509a1c800e
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-utils_1.1.1~git-20070709.orig.tar.gz
      Size/MD5:  1207377 0c1a357290f5f233543bc942c0a006ad

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.1.1~git-20070709-3ubuntu1.1_amd64.deb
      Size/MD5:   187718 a21ea0964e11dc7437b31c8a24136a4e
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-kernel-server_1.1.1~git-20070709-3ubuntu1.1_amd64.deb
      Size/MD5:   158258 5245d20a87b1f265d699082fd3465cf0

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.1.1~git-20070709-3ubuntu1.1_i386.deb
      Size/MD5:   176422 90dcb97b35a35e59de12e1432c1ab276
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-kernel-server_1.1.1~git-20070709-3ubuntu1.1_i386.deb
      Size/MD5:   148016 9f1a96121a13d0c89fed88ff4651600c

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/n/nfs-utils/nfs-common_1.1.1~git-20070709-3ubuntu1.1_lpia.deb
      Size/MD5:   174424 09722999f8b92441488357e7d51b78be
    http://ports.ubuntu.com/pool/main/n/nfs-utils/nfs-kernel-server_1.1.1~git-20070709-3ubuntu1.1_lpia.deb
      Size/MD5:   147538 3983e3fa6588d37d350cd99441b6c2eb

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.1.1~git-20070709-3ubuntu1.1_powerpc.deb
      Size/MD5:   196470 d8ac43aff7c7099db1751dbe7e7064dc
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-kernel-server_1.1.1~git-20070709-3ubuntu1.1_powerpc.deb
      Size/MD5:   164396 668269dd69cbc4c3f51510b4fa41e9ef

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.1.1~git-20070709-3ubuntu1.1_sparc.deb
      Size/MD5:   179480 3e647339bec5baa0f94fd87a5569d8fa
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-kernel-server_1.1.1~git-20070709-3ubuntu1.1_sparc.deb
      Size/MD5:   149530 072323ce17f01390d48928254953af97

Updated packages for Ubuntu 8.04 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-utils_1.1.2-2ubuntu2.2.diff.gz
      Size/MD5:    35143 8595826433437ca8d573aadecec55b9e
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-utils_1.1.2-2ubuntu2.2.dsc
      Size/MD5:     1022 c62bbac19283a7958350d308197562fe
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-utils_1.1.2.orig.tar.gz
      Size/MD5:   797386 76ee9274c2b867839427eba91b327f03

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.1.2-2ubuntu2.2_amd64.deb
      Size/MD5:   203396 e8caf55e52bd09522c911658c9208e0a
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-kernel-server_1.1.2-2ubuntu2.2_amd64.deb
      Size/MD5:   161652 0b2da0a86933e493142827ee3491f041

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.1.2-2ubuntu2.2_i386.deb
      Size/MD5:   190380 3365b806f003547556784dc460854acf
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-kernel-server_1.1.2-2ubuntu2.2_i386.deb
      Size/MD5:   150442 ae44f68055ff09b377dda8f77e7d7369

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/n/nfs-utils/nfs-common_1.1.2-2ubuntu2.2_lpia.deb
      Size/MD5:   190708 56cff37c459c9bacecc0e19eac96493b
    http://ports.ubuntu.com/pool/main/n/nfs-utils/nfs-kernel-server_1.1.2-2ubuntu2.2_lpia.deb
      Size/MD5:   150870 0fa925b4b0417a78b81fd437978469ab

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/n/nfs-utils/nfs-common_1.1.2-2ubuntu2.2_powerpc.deb
      Size/MD5:   212528 a92ea0106bf861d99eb2bcbb0e41e49c
    http://ports.ubuntu.com/pool/main/n/nfs-utils/nfs-kernel-server_1.1.2-2ubuntu2.2_powerpc.deb
      Size/MD5:   167720 2efce3bec09f1c42f577071a597236cb

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/n/nfs-utils/nfs-common_1.1.2-2ubuntu2.2_sparc.deb
      Size/MD5:   193568 c82d3d388b1839ce31464b2941f9c9a3
    http://ports.ubuntu.com/pool/main/n/nfs-utils/nfs-kernel-server_1.1.2-2ubuntu2.2_sparc.deb
      Size/MD5:   151834 6028d63bf61670986dd3ac84d82f8f7e

Updated packages for Ubuntu 8.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-utils_1.1.2-4ubuntu1.1.diff.gz
      Size/MD5:    36776 80b7806275d3318009e26cdd4f21e80e
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-utils_1.1.2-4ubuntu1.1.dsc
      Size/MD5:     1426 d54ccf3d5cc03325778b2197597eb3b4
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-utils_1.1.2.orig.tar.gz
      Size/MD5:   797386 76ee9274c2b867839427eba91b327f03

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.1.2-4ubuntu1.1_amd64.deb
      Size/MD5:   206234 8fade4ffc3b54967b451601ebe3cd783
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-kernel-server_1.1.2-4ubuntu1.1_amd64.deb
      Size/MD5:   163432 52da66c1d20b506f83794d1116d7197f

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.1.2-4ubuntu1.1_i386.deb
      Size/MD5:   191928 daf9c6e085ae1dc0677dd86c7946aac9
    http://security.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-kernel-server_1.1.2-4ubuntu1.1_i386.deb
      Size/MD5:   151532 87df37c719bd84c7520b0dfa86b9587d

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/n/nfs-utils/nfs-common_1.1.2-4ubuntu1.1_lpia.deb
      Size/MD5:   190668 8d2b6e20721ce687cb179b755e36d680
    http://ports.ubuntu.com/pool/main/n/nfs-utils/nfs-kernel-server_1.1.2-4ubuntu1.1_lpia.deb
      Size/MD5:   151770 701f49fcee4e0d9c4db0ddba416a80bf

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/n/nfs-utils/nfs-common_1.1.2-4ubuntu1.1_powerpc.deb
      Size/MD5:   210084 3cddb9b535c4266bc418d83c3c68e817
    http://ports.ubuntu.com/pool/main/n/nfs-utils/nfs-kernel-server_1.1.2-4ubuntu1.1_powerpc.deb
      Size/MD5:   165774 e797caaae77e93b657884c8076da8742

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/n/nfs-utils/nfs-common_1.1.2-4ubuntu1.1_sparc.deb
      Size/MD5:   195372 3026036061bc3138387bb29a81dc4836
    http://ports.ubuntu.com/pool/main/n/nfs-utils/nfs-kernel-server_1.1.2-4ubuntu1.1_sparc.deb
      Size/MD5:   153086 ccddafa24f7ce6182616c995b2c90603



 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Report: U.S. planning “proportional response” to Sony hack, blamed on North Korea
Heartbleed, Shellshock, Tor and more: The 13 biggest security stories of 2014
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.