nfs-utils security update
This update fixes the following security issues:
When using wildcards in /etc/exports an attacker could gain
unauthorized access to an nfs exported filesystem by
creating a DNS record that resolves to the attacker's IP as
well as to a trusted IP (CVE-2011-2500).
mount.nfs could corrupt /etc/mtab (CVE-2011-1749).
-
Submitted by
Adrian Schröter (adrianSuSE)
- Version 4831
Fixed bugs
bnc#689799
VUL-1: CVE-2011-1089-like flaw in mount.nfs
bnc#693189
Multiple mount/umount + showmount commands crash rpc.mountd
bnc#701702
VUL-0: nfs-utils: Configuration dependent remotely exploitable security issue with nfs-utils.
CVE#CVE-2011-1749
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE#CVE-2011-2500
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
