← volver
CVE-2013-1923

CVE-2013-1923

EPSS 1.0%
rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.opensuse.org/opensuse-updates/2013-06/msg00142.htmlhttp://lists.opensuse.org/opensuse-updates/2013-06/msg00146.htmlhttp://lists.opensuse.org/opensuse-updates/2013-06/msg00172.htmlhttp://marc.info/?l=linux-nfs&m=136491998607561&w=2http://marc.info/?l=linux-nfs&m=136500502805121&w=2https://bugzilla.redhat.com/show_bug.cgi?id=948072https://exchange.xforce.ibmcloud.com/vulnerabilities/85331http://www.securityfocus.com/bid/58854