Package: nfs-kernel-server Version: 1:1.0.10-6+etch.1 Severity: grave Tags: security
Quoting from CVE-2008-4552: »nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.« (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552) This has already been fixed in Ubuntu: http://www.ubuntu.com/usn/USN-687-1 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
