RHSA-2007:0913: Important: nfs-utils-lib security update
First published: Wed Sep 19 2007(Updated: )
The nfs-utils-lib package contains support libraries that are needed by the<br>commands and daemons of the nfs-utils package.<br>Tenable Network Security discovered a stack buffer overflow flaw in the RPC<br>library used by nfs-utils-lib. A remote unauthenticated attacker who can<br>access an application linked against nfs-utils-lib could trigger this flaw<br>and cause the application to crash. On Red Hat Enterprise Linux 4 it is not<br>possible to exploit this flaw to run arbitrary code as the overflow is<br>blocked by FORTIFY_SOURCE. (CVE-2007-3999)<br>Users of nfs-utils-lib are advised to upgrade to this updated package,<br>which contains a backported patch that resolves this issue.
| Affected Software | Affected Version | How to fix |
|---|
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2007:0913