1 |
type: security |
2 |
subject: Updated nfs-utils packages fix security vulnerability |
3 |
CVE: |
4 |
- CVE-2013-1923 |
5 |
src: |
6 |
2: |
7 |
core: |
8 |
- nfs-utils-1.2.5-1.1.mga2 |
9 |
3: |
10 |
core: |
11 |
- nfs-utils-1.2.7-3.1.mga3 |
12 |
description: | |
13 |
It was reported that rpc.gssd in nfs-utils is vulnerable to DNS spoofing due |
14 |
to it depending on PTR resolution for GSSAPI authentication. Because of this, |
15 |
if a user where able to poison DNS to a victim's computer, they would be able |
16 |
to trick rpc.gssd into talking to another server (perhaps with less security) |
17 |
than the intended server (with stricter security). If the victim has write |
18 |
access to the second (less secure) server, and the attacker has read access |
19 |
(when they normally might not on the secure server), the victim could write |
20 |
files to that server, which the attacker could obtain (when normally they |
21 |
would not be able to). To the victim this is transparent because the victim's |
22 |
computer asks the KDC for a ticket to the second server due to reverse DNS |
23 |
resolution; in this case Krb5 authentication does not fail because the victim |
24 |
is talking to the "correct" server (CVE-2013-1923). |
25 |
references: |
26 |
- https://bugs.mageia.org/show_bug.cgi?id=10528 |
27 |
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00146.html |