Test ID:	1.3.6.1.4.1.25623.1.0.51194
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2004:072
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2004:072. Updated nfs-utils packages that fix a flaw leading to possible rpc.mountd crashes are now available. The nfs-utils package contains the rpc.mountd program, which implements the NFS mount protocol. A flaw was discovered in versions of rpc.mountd in nfs-utils versions after 1.0.3 and prior to 1.0.6. When mounting a directory, rpc.mountd could crash if the reverse lookup of the client in DNS failed to match the forward lookup. An attacker who has the ability to mount remote directories from a server could make use of this flaw to cause a denial of service by making rpc.mountd crash. Users are advised to upgrade to these updated packages, which contain nfs-utils 1.0.6 and is not vulnerable to this issue. http://www.kernel.org/pub/linux/utils/nfs/ChangeLog-nfs-utils-1.0.6 Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	BugTraq ID: 9813 Common Vulnerability Exposure (CVE) ID: CVE-2004-0154 http://www.securityfocus.com/bid/9813 http://bugzilla.redhat.com/bugzilla/long_list.cgi?buglist=114535 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A861 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9673 http://www.redhat.com/support/errata/RHSA-2004-072.html http://www.trustix.org/errata/misc/2004/TSL-2004-0009-nfs-utils.asc.txt XForce ISS Database: nfs-utils-dns-dos(15418) https://exchange.xforce.ibmcloud.com/vulnerabilities/15418
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.