Summary
The remote host is missing updates to nfs-utils announced in advisory RHSA-2009:1321.
It was discovered that nfs-utils did not use tcp_wrappers correctly.
Certain hosts access rules defined in /etc/hosts.allow and /etc/hosts.deny may not have been honored, possibly allowing remote attackers to bypass intended access restrictions. (CVE-2008-4552)
Solution
Intall the update. After installing the update,
the nfs service will be restarted automatically.
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date
References
Severity
Classification
-
CVE CVE-2008-4552 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities