USN-687-1: nfs-utils vulnerability
Posted on: 12/05/2008 12:40 AM

A new nfs-utils vulnerability update is available for Ubuntu Linux. Here is the announcement:

Ubuntu Security Notice USN-687-1 December 04, 2008
nfs-utils vulnerability
CVE-2008-4552
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS
Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
nfs-kernel-server 1:1.0.7-3ubuntu2.1

Ubuntu 7.10:
nfs-kernel-server 1:1.1.1~git-20070709-3ubuntu1.1

Ubuntu 8.04 LTS:
nfs-kernel-server 1:1.1.2-2ubuntu2.2

Ubuntu 8.10:
nfs-kernel-server 1:1.1.2-4ubuntu1.1

After a standard system upgrade you need to restart nfs services to effect
the necessary changes.

Details follow:

It was discovered that nfs-utils did not properly enforce netgroup
restrictions when using TCP Wrappers. Remote attackers could bypass the
netgroup restrictions enabled by the administrator and possibly gain
access to sensitive information.






Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_687_1_nfs_utils_vulnerability.html)