GLSA-200903-06 : nfs-utils: Access restriction bypass
High Nessus Plugin ID 35796
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200903-06 (nfs-utils: Access restriction bypass)
Michele Marcionelli reported that nfs-utils invokes the hosts_ctl() function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups.
A remote attacker could bypass intended access restrictions, i.e. NFS netgroups, and gain access to restricted services.
There is no known workaround at this time.
SolutionAll nfs-utils users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-fs/nfs-utils-1.1.3'