• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

NFS-SERVER Remote Buffer Overflow Vulnerability

The 'nfs-server' package is prone to a remote buffer-overflow vulnerability.

A remote attacker with the ability to create symlinks on any of the filesystems on an affected computer running 'rpc.mountd' can exploit this issue to execute arbitrary code. Attackers without filesystem access may also be able to execute arbitrary code, but this has not been confirmed.

Note that the 'nfs-server' package is obsolete. The 'nfs-utils' package is not affected by this issue.