Vulnerability Note VU#698302
nfs-utils vulnerable to buffer overflow in "getquotainfo()" in "rquota_server.c"
Overview
A vulnerability in nfs-utils could permit an attacker to execute arbitrary code on the system or cause a denial of service.
Description
The NFS protocol provides remote access to shared files across networks. The nfs-utils package provides an NFS client and server for Linux systems. On 64-bit architectures, nfs-utils contains a stack-based buffer overflow vulnerability. The function "getquotainfo()" in "rquota_server.c" assumes certain values to be 32 bits in size during a call to memcpy(). On a 64-bit machine, this can cause a buffer overflow.
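The size mismatch described above, as an added example that is not part of the original note and is not the nfs-utils source: the struct and function names are hypothetical and the record layout is a simplified assumption. It computes how far a source-sized block copy would overrun the destination, and shows a field-by-field copy that checks each value instead.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-ins for illustration; not the nfs-utils definitions. */
struct wire_quota {              /* reply record: fields fixed at 32 bits */
    uint32_t bhardlimit, bsoftlimit, curblocks;
};
struct local_quota {             /* local record: fields are native long */
    unsigned long bhardlimit, bsoftlimit, curblocks;
};

/* Unsafe pattern (shown only as a comment, never executed):
 *   memcpy(dst, src, sizeof(struct local_quota));
 * The length comes from the source type. Where long is 64 bits the source
 * is larger than the destination, so the copy runs past the end of dst. */

/* Bytes a source-sized block copy would write past the destination. */
size_t block_copy_overrun(void)
{
    size_t src = sizeof(struct local_quota), dst = sizeof(struct wire_quota);
    return src > dst ? src - dst : 0;
}

/* Narrow one field, refusing values that do not fit in 32 bits. */
static int narrow32(unsigned long v, uint32_t *out)
{
    if (v > UINT32_MAX) return -1;
    *out = (uint32_t)v;
    return 0;
}

/* Field-by-field copy: no length is taken from the source type, and dst is
 * written only after every field has been checked. Returns 0 or -1. */
int copy_quota_checked(struct wire_quota *dst, const struct local_quota *src)
{
    struct wire_quota tmp;
    if (narrow32(src->bhardlimit, &tmp.bhardlimit) ||
        narrow32(src->bsoftlimit, &tmp.bsoftlimit) ||
        narrow32(src->curblocks, &tmp.curblocks))
        return -1;
    *dst = tmp;
    return 0;
}

int main(void)
{
    struct local_quota q = { 2048, 1024, 512 };   /* constructed sample */
    struct wire_quota w;
    printf("overrun=%zu rc=%d\n", block_copy_overrun(), copy_quota_checked(&w, &q));
    return 0;
}
```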
Impact
A remote attacker could execute arbitrary code or create a denial-of-service condition on a vulnerable server running nfs-utils.
Solution
Apply a patch from your vendor. For vendor-specific information regarding vulnerable status and patch availability, please see the vendor section of this document.
Systems Affected
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| MandrakeSoft | Affected | 14 Jan 2005 | 14 Jan 2005 |
| Red Hat Inc. | Affected | 14 Jan 2005 | 20 Jan 2005 |
| TurboLinux | Affected | 14 Jan 2005 | 04 Apr 2005 |
| Debian | Not Affected | 14 Jan 2005 | 17 Jan 2005 |
| Sun Microsystems Inc. | Not Affected | 14 Jan 2005 | 20 Jan 2005 |
| Conectiva | Unknown | - | 14 Jan 2005 |
| EMC Corporation | Unknown | 14 Jan 2005 | 14 Jan 2005 |
| Hewlett-Packard Company | Unknown | 14 Jan 2005 | 14 Jan 2005 |
| IBM-zSeries | Unknown | 14 Jan 2005 | 14 Jan 2005 |
| IBM eServer | Unknown | 14 Jan 2005 | 14 Jan 2005 |
| Immunix | Unknown | 14 Jan 2005 | 14 Jan 2005 |
| Ingrian Networks | Unknown | 14 Jan 2005 | 14 Jan 2005 |
| MontaVista Software | Unknown | 14 Jan 2005 | 14 Jan 2005 |
| Novell | Unknown | 14 Jan 2005 | 14 Jan 2005 |
| Openwall GNU/*/Linux | Unknown | 14 Jan 2005 | 14 Jan 2005 |
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A | N/A |
References
- http://www.gentoo.org/security/en/glsa/glsa-200412-08.xml
- http://secunia.com/advisories/13440/
- http://xforce.iss.net/xforce/xfdb/18455
- http://www.securityfocus.com/bid/11911
- http://nfs.sourceforge.net/
Credit
Red Hat credits Arjan van de Ven with reporting this vulnerability.
This document was written by Will Dormann.
Other Information
- CVE IDs: CAN-2004-0946
- Date Public: 22 Nov 2004
- Date First Published: 04 Mar 2005
- Date Last Updated: 04 Apr 2005
- Severity Metric: 7.48
- Document Revision: 7