CVE-2008-4552
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2008-4552
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2008-4552.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2008-4552
- Downstream
- Published
- 2008-10-14T20:00:01Z
- Modified
- 2025-08-09T19:01:28Z
- Summary
- [none]
- Details
-
The goodclient function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hostsctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.
- References
-
- http://secunia.com/advisories/32346
- http://secunia.com/advisories/32481
- http://secunia.com/advisories/33006
- http://secunia.com/advisories/36538
- http://secunia.com/advisories/38794
- http://secunia.com/advisories/38833
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:060
- http://www.ubuntu.com/usn/USN-687-1
- http://www.vupen.com/english/advisories/2010/0528
- http://www.securityfocus.com/bid/31823
- https://bugzilla.redhat.com/show_bug.cgi?id=458676
- http://lists.vmware.com/pipermail/security-announce/2010/000082.html
- http://wiki.rpath.com/Advisories:rPSA-2008-0307
- http://www.openwall.com/lists/oss-security/2012/07/19/2
- http://www.openwall.com/lists/oss-security/2012/07/19/5
- http://www.redhat.com/support/errata/RHSA-2009-1321.html
- http://www.securityfocus.com/archive/1/497935/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45895
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11544
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8325