NFSv4 ID Mapper nfsidmap Username Lookup Local Privilege Escalation Vulnerability

Bugtraq ID: 26767
Class: Access Validation Error
CVE: CVE-2007-4135
Remote: No
Local: Yes
Published: Dec 07 2007 12:00AM
Updated: Dec 10 2007 02:52PM
Credit: Tony Ernst from SGI discovered this issue.
Vulnerable: SuSE Linux Enterprise Server 10
+ Linux kernel 2.6.5
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux 5 Server
Mandriva Linux Mandrake 2007.0 x86_64
Mandriva Linux Mandrake 2007.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
Not Vulnerable: CITI nfsidmap 0.17


 

Privacy Statement
Copyright 2010, SecurityFocus