First published: Tue Dec 06 2011
The nfs-utils packages provide a daemon for the kernel Network File System (NFS) server, and related tools such as the mount.nfs, umount.nfs, and showmount programs.

A flaw was found in the way nfs-utils performed IP based authentication of mount requests. In configurations where a directory was exported to a group of systems using a DNS wildcard or NIS (Network Information Service) netgroup, an attacker could possibly gain access to other directories exported to a specific host or subnet, bypassing intended access restrictions. (CVE-2011-2500)

It was found that the mount.nfs tool did not handle certain errors correctly when updating the mtab (mounted file systems table) file. A local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1749)

This update also fixes several bugs and adds an enhancement. Documentation for these bug fixes and the enhancement will be available shortly from the Technical Notes document, linked to in the References section.

Users of nfs-utils are advised to upgrade to these updated packages, which contain backported patches to resolve these issues and add this enhancement. After installing this update, the nfs service will be restarted automatically.

Affected Software | Affected Version | How to fix |
---|---|---|
redhat/nfs-utils | <1.2.3-15.el6 | 1.2.3-15.el6 |
redhat/nfs-utils-debuginfo | <1.2.3-15.el6 | 1.2.3-15.el6 |
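
To see whether a server's exports fall into the configuration described for CVE-2011-2500 (a DNS wildcard or netgroup export alongside other directories restricted to a specific host or subnet), the following added example parses exports(5)-style text and reports both sets. It is not part of the advisory or of nfs-utils; the sample data, the function names and the simplified parsing (no quoted paths) are assumptions.

```python
import re

# Constructed sample /etc/exports content (not taken from the advisory).
SAMPLE_EXPORTS = """\
# constructed sample
/srv/public   *.lab.example.com(ro,sync) @buildhosts(rw,sync)
/srv/finance  192.0.2.10(rw,sync) \\
              198.51.100.0/24(ro)
/srv/scratch  -ro,sync ws?.lab.example.com
"""

def classify_client(client):
    """Classify one exports(5) client spec by the way it names clients."""
    host = client.split("(", 1)[0]
    if not host:
        return "anonymous"                 # bare "(opts)": any client
    if host.startswith("@"):
        return "netgroup"
    if any(ch in host for ch in "*?["):
        return "wildcard"
    return "subnet" if "/" in host else "host"

def parse_exports(text):
    """Return {directory: [(client, kind), ...]} for simple exports files."""
    text = re.sub(r"\\\n", " ", text)      # join backslash-continued lines
    exports = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue
        # Tokens starting with "-" are default options, not clients.
        clients = [c for c in fields[1:] if not c.startswith("-")] or ["()"]
        entries = [(c, classify_client(c)) for c in clients]
        exports.setdefault(fields[0], []).extend(entries)
    return exports

def audit(text):
    """Split exports into group-matched and specifically restricted sets."""
    exports = parse_exports(text)
    group = {d for d, cs in exports.items()
             if any(k in ("wildcard", "netgroup") for _, k in cs)}
    restricted = {d for d, cs in exports.items()
                  if all(k in ("host", "subnet") for _, k in cs)}
    return {"group": sorted(group), "restricted": sorted(restricted),
            "matches_advisory": bool(group and restricted)}

if __name__ == "__main__":
    print(audit(SAMPLE_EXPORTS))
```

A `matches_advisory` result of true only means the exports layout is the kind the advisory names; whether the host is still affected depends on the installed nfs-utils version in the table above.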