• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

NFS-Utils Xlog Remote Buffer Overrun Vulnerability

Solution:
This issue has been addressed in nfs-utils 1.0.4. Users are advised to upgrade.

Red Hat has released an advisory (RHSA-2003:206-08) that addresses this issue. This advisory is an updated release that includes fixes for additional platforms. See the referenced advisory for details on obtaining and applying fixes.

Debian has released an advisory (DSA 349-1) for this issue. Please see the attached advisory for information on how to obtain and apply fixes.

SuSE has released an advisory (SuSE-SA:2003:031) that contains information about updates for this issue. Please see the attached advisory for further details on obtaining and applying updates.

Slackware has released an advisory (SSA:2003-149-01) as well as updates to correct these issues.

WireX has released Immunix advisory IMNX-2003-7+-018-01 to address this issue.

Trustix has released an advisory (TSLSA-2003-0027) to address this issue.

Gentoo has released an advisory to address this issue. Upgrades can be applied with the following commands:

emerge sync
emerge nfs-utils
emerge clean

Mandrake has released advisory MDKSA-2003:076 to address this issue. Please see referenced advisory for additional details and fix information.

TurboLinux has released advisory TLSA-2003-44 to address this issue. Vulnerable users are advised to use the turbopkg tool to update affected systems. See referenced advisory for additional details.

Sun Microsystems has released a fix for Sun Linux 5.0.6.

Updates are available for Yellow Dog Linux. These updates can be applied manually or by issuing the following command:

yum update nfs-utils

SCO has released an advisory (CSSA-2003-037.0) that includes updates for this issue.

Sun has released fixes to address this issue in Sun Cobalt RaQXRT and RaQ4.

Fixes are available:


Sun Cobalt RaQ XTR

• Sun RaQXTR-All-Security-1.0.1-16571.pkg
  http://ftp.cobalt.sun.com/pub/packages/raqxtr/eng/RaQXTR-All-Security- 1.0.1-16571.pkg

nfs nfs-utils 0.2

• nfs nfs-utils 1.0.4
  http://sourceforge.net/project/showfiles.php?group_id=14&release_id=17 1379

nfs nfs-utils 0.2.1

• nfs nfs-utils 1.0.4
  http://sourceforge.net/project/showfiles.php?group_id=14&release_id=17 1379


• TurboLinux nfs-utils-0.2.1-10.i386.rpm
  ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/AdvancedServ er/6/ja/updates/RPMS/nfs-utils-0.2.1-10.i386.rpm


• TurboLinux nfs-utils-0.2.1-10.i386.rpm
  ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/ updates/RPMS/nfs-utils-0.2.1-10.i386.rpm


• TurboLinux nfs-utils-0.2.1-10.i386.rpm
  ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/upd ates/RPMS/nfs-utils-0.2.1-10.i386.rpm


• TurboLinux nfs-utils-0.2.1-10.i386.rpm
  ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6. 0/ja/updates/RPMS/nfs-utils-0.2.1-10.i386.rpm

nfs nfs-utils 0.3.1

• Conectiva nfs-utils-0.3.1-6U70_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/nfs-utils-0.3.1-6U70_1cl. i386.rpm


• Conectiva nfs-utils-0.3.1-6U80_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/8/RPMS/nfs-utils-0.3.1-6U80_1cl.i3 86.rpm


• Immunix nfs-utils-0.3.1-7_imnx_3.i386.rpm
  http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/nfs-utils-0.3.1- 7_imnx_3.i386.rpm


• nfs nfs-utils 1.0.4
  http://sourceforge.net/project/showfiles.php?group_id=14&release_id=17 1379


• SuSE nfs-utils-0.3.1-111.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/nfs-utils-0.3.1-111.i38 6.rpm


• SuSE nfs-utils-0.3.1-112.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/nfs-utils-0.3.1-112.i38 6.rpm


• SuSE nfs-utils-0.3.1-49.sparc.rpm
  ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/nfs-utils-0.3.1-49.spa rc.rpm


• SuSE nfs-utils-0.3.1-60.ppc.rpm
  ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/nfs-utils-0.3.1-60.ppc.r pm


• Trustix nfs-utils-0.3.1-3tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/nfs-utils-0.3.1-3tr .i586.rpm


• Trustix nfs-utils-0.3.1-3tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/nfs-utils-0.3.1-3tr .i586.rpm


• TurboLinux nfs-utils-0.3.1-5.i586.rpm
  ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/upd ates/RPMS/nfs-utils-0.3.1-5.i586.rpm


• TurboLinux nfs-utils-0.3.1-5.i586.rpm
  ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd ates/RPMS/nfs-utils-0.3.1-5.i586.rpm


• TurboLinux nfs-utils-0.3.1-5.i586.rpm
  ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 7/updates/RPMS/nfs-utils-0.3.1-5.i586.rpm


• TurboLinux nfs-utils-0.3.1-5.i586.rpm
  ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/nfs-utils-0.3.1-5.i586.rpm

nfs nfs-utils 0.3.3

• Mandrake nfs-utils-0.3.3-3.1mdk.i586.rpm
  Mandrake Linux 8.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake nfs-utils-clients-0.3.3-3.1mdk.i586.rpm
  Mandrake Linux 8.2
  http://www.mandrakesecure.net/en/ftp.php


• nfs nfs-utils 1.0.4
  http://sourceforge.net/project/showfiles.php?group_id=14&release_id=17 1379


• Slackware nfs-utils-1.0.4-i386-2.tgz
  ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/n fs-utils-1.0.4-i386-2.tgz


• SuSE nfs-utils-0.3.3-178.i386.patch.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/nfs-utils-0.3.3-178.i38 6.patch.rpm


• SuSE nfs-utils-0.3.3-178.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/nfs-utils-0.3.3-178.i38 6.rpm

nfs nfs-utils 1.0

• Debian nfs-common_1.0-2woody1_alpha.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-common_1. 0-2woody1_alpha.deb


• Debian nfs-common_1.0-2woody1_arm.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-common_1. 0-2woody1_arm.deb


• Debian nfs-common_1.0-2woody1_hppa.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-common_1. 0-2woody1_hppa.deb


• Debian nfs-common_1.0-2woody1_i386.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-common_1. 0-2woody1_i386.deb


• Debian nfs-common_1.0-2woody1_ia64.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-common_1. 0-2woody1_ia64.deb


• Debian nfs-common_1.0-2woody1_m68k.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-common_1. 0-2woody1_m68k.deb


• Debian nfs-common_1.0-2woody1_mips.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-common_1. 0-2woody1_mips.deb


• Debian nfs-common_1.0-2woody1_mipsel.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-common_1. 0-2woody1_mipsel.deb


• Debian nfs-common_1.0-2woody1_powerpc.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-common_1. 0-2woody1_powerpc.deb


• Debian nfs-common_1.0-2woody1_s390.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-common_1. 0-2woody1_s390.deb


• Debian nfs-common_1.0-2woody1_sparc.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-common_1. 0-2woody1_sparc.deb


• Debian nfs-kernel-server_1.0-2woody1_alpha.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-kernel-se rver_1.0-2woody1_alpha.deb


• Debian nfs-kernel-server_1.0-2woody1_arm.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-kernel-se rver_1.0-2woody1_arm.deb


• Debian nfs-kernel-server_1.0-2woody1_hppa.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-kernel-se rver_1.0-2woody1_hppa.deb


• Debian nfs-kernel-server_1.0-2woody1_i386.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-kernel-se rver_1.0-2woody1_i386.deb


• Debian nfs-kernel-server_1.0-2woody1_ia64.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-kernel-se rver_1.0-2woody1_ia64.deb


• Debian nfs-kernel-server_1.0-2woody1_m68k.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-kernel-se rver_1.0-2woody1_m68k.deb


• Debian nfs-kernel-server_1.0-2woody1_mips.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-kernel-se rver_1.0-2woody1_mips.deb


• Debian nfs-kernel-server_1.0-2woody1_mipsel.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-kernel-se rver_1.0-2woody1_mipsel.deb


• Debian nfs-kernel-server_1.0-2woody1_powerpc.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-kernel-se rver_1.0-2woody1_powerpc.deb


• Debian nfs-kernel-server_1.0-2woody1_s390.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-kernel-se rver_1.0-2woody1_s390.deb


• Debian nfs-kernel-server_1.0-2woody1_sparc.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nfs-kernel-se rver_1.0-2woody1_sparc.deb


• Debian nhfsstone_1.0-2woody1_alpha.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nhfsstone_1.0 -2woody1_alpha.deb


• Debian nhfsstone_1.0-2woody1_arm.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nhfsstone_1.0 -2woody1_arm.deb


• Debian nhfsstone_1.0-2woody1_hppa.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nhfsstone_1.0 -2woody1_hppa.deb


• Debian nhfsstone_1.0-2woody1_i386.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nhfsstone_1.0 -2woody1_i386.deb


• Debian nhfsstone_1.0-2woody1_ia64.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nhfsstone_1.0 -2woody1_ia64.deb


• Debian nhfsstone_1.0-2woody1_m68k.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nhfsstone_1.0 -2woody1_m68k.deb


• Debian nhfsstone_1.0-2woody1_mips.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nhfsstone_1.0 -2woody1_mips.deb


• Debian nhfsstone_1.0-2woody1_mipsel.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nhfsstone_1.0 -2woody1_mipsel.deb


• Debian nhfsstone_1.0-2woody1_powerpc.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nhfsstone_1.0 -2woody1_powerpc.deb


• Debian nhfsstone_1.0-2woody1_s390.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nhfsstone_1.0 -2woody1_s390.deb


• Debian nhfsstone_1.0-2woody1_sparc.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/n/nfs-utils/nhfsstone_1.0 -2woody1_sparc.deb

nfs nfs-utils 1.0.1

• Conectiva nfs-utils-1.0.1-109.i586.rpm
  ftp://ul.conectiva.com.br/updates/1.0/RPMS.core/nfs-utils-1.0.1-109.i5 86.rpm


• Conectiva nfs-utils-1.0.1-17482U90_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/9/RPMS/nfs-utils-1.0.1-17482U90_1c l.i386.rpm


• Mandrake nfs-utils-1.0.1-1.1mdk.i586.rpm
  Mandrake Linux 9.0, 9.1, & Corporate Server 2.1
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake nfs-utils-1.0.1-1.1mdk.ppc.rpm
  Mandrake Linux 9.1/PPC
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake nfs-utils-1.0.1-1.1mdk.x86_64.rpm
  Mandrake Corporate Server 2.1/X86_64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake nfs-utils-clients-1.0.1-1.1mdk.i586.rpm
  Mandrake Linux 9.0, 9.1, & Corporate Server 2.1
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake nfs-utils-clients-1.0.1-1.1mdk.ppc.rpm
  Mandrake Linux 9.1/PPC
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake nfs-utils-clients-1.0.1-1.1mdk.x86_64.rpm
  Mandrake Corporate Server 2.1/X86_64
  http://www.mandrakesecure.net/en/ftp.php


• nfs nfs-utils 1.0.4
  http://sourceforge.net/project/showfiles.php?group_id=14&release_id=17 1379


• Slackware nfs-utils-1.0.4-i386-2.tgz
  ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/n fs-utils-1.0.4-i386-2.tgz


• SuSE nfs-utils-1.0.1-109.i586.patch.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/nfs-utils-1.0.1-1 09.i586.patch.rpm


• SuSE nfs-utils-1.0.1-109.i586.patch.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/nfs-utils-1.0.1-1 09.i586.patch.rpm


• SuSE nfs-utils-0.3.3-178.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/nfs-utils-0.3.3-178.i38 6.rpm


• SuSE nfs-utils-1.0.1-109.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/nfs-utils-1.0.1-1 09.i586.rpm


• SuSE nfs-utils-1.0.1-109.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/nfs-utils-1.0.1-1 09.i586.rpm


• Trustix nfs-utils-1.0.5-1tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/2.0/RPMS/nfs-utils-1.0.5-1tr .i586.rpm


• Yellow Dog nfs-utils-1.0.1-3.9.ppc.rpm
  ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-3.0/ppc/n fs-utils-1.0.1-3.9.ppc.rpm

nfs nfs-utils 1.0.3

• nfs nfs-utils 1.0.4
  http://sourceforge.net/project/showfiles.php?group_id=14&release_id=17 1379


• Slackware nfs-utils-1.0.4-i386-1.tgz
  Slackware 8.1
  ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/n fs-utils-1.0.4-i386-1.tgz


• Slackware nfs-utils-1.0.4-i386-1.tgz
  Slackware 9.0
  ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/n fs-utils-1.0.4-i386-1.tgz


• Slackware nfs-utils-1.0.4-i486-1.tgz
  Slackware -current
  ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/nf s-utils-1.0.4-i486-1.tgz


• Slackware nfs-utils-1.0.4-i486-2.tgz
  ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/nf s-utils-1.0.4-i486-2.tgz


• Sun nfs-utils-0.3.1-14.72.i386.rpm
  ftp://ftp.cobalt.sun.com/pub/products/sunlinux/5.0/en/updates/i386/RPM S/nfs-utils-0.3.1-14.72.i386.rpm

SCO OpenLinux Workstation 3.1.1

• SCO nfs-0.2.1-12.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-03 7.0/RPMS/nfs-0.2.1-12.i386.rpm


• SCO nfs-lockd-0.2.1-12.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-03 7.0/RPMS/nfs-lockd-0.2.1-12.i386.rpm


• SCO nfs-server-0.2.1-12.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-03 7.0/RPMS/nfs-server-0.2.1-12.i386.rpm

SCO OpenLinux Server 3.1.1

• SCO nfs-0.2.1-12.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-037.0/R PMS/nfs-0.2.1-12.i386.rpm


• SCO nfs-lockd-0.2.1-12.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-037.0/R PMS/nfs-lockd-0.2.1-12.i386.rpm


• SCO nfs-server-0.2.1-12.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-037.0/R PMS/nfs-server-0.2.1-12.i386.rpm