← back
CVE-2013-1923

CVE-2013-1923

EPSS 1.0%
rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.opensuse.org/opensuse-updates/2013-06/msg00142.htmlhttp://lists.opensuse.org/opensuse-updates/2013-06/msg00146.htmlhttp://lists.opensuse.org/opensuse-updates/2013-06/msg00172.htmlhttp://marc.info/?l=linux-nfs&m=136491998607561&w=2http://marc.info/?l=linux-nfs&m=136500502805121&w=2https://bugzilla.redhat.com/show_bug.cgi?id=948072https://exchange.xforce.ibmcloud.com/vulnerabilities/85331http://www.securityfocus.com/bid/58854