First published: Wed Dec 10 2003(Updated: )
NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Novell NetWare | =6.5-sp1 | |
Novell NetWare | =6.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2003-0976 is considered a high severity vulnerability due to improper enforcement of access controls.
To fix CVE-2003-0976, ensure that the NFS server properly restricts access based on the configuration in sys:\etc\exports.
CVE-2003-0976 affects Novell NetWare 6.5, specifically Service Pack 1 and the base version.
The impact of CVE-2003-0976 allows unauthorized users to mount file systems that should be denied access.
There is no specific patch for CVE-2003-0976, but updating to a secure configuration can mitigate the vulnerability.