| 1 |
type: security |
| 2 |
subject: Updated nfs-utils packages fix security vulnerability |
| 3 |
CVE: |
| 4 |
- CVE-2013-1923 |
| 5 |
src: |
| 6 |
2: |
| 7 |
core: |
| 8 |
- nfs-utils-1.2.5-1.1.mga2 |
| 9 |
3: |
| 10 |
core: |
| 11 |
- nfs-utils-1.2.7-3.1.mga3 |
| 12 |
description: | |
| 13 |
It was reported that rpc.gssd in nfs-utils is vulnerable to DNS spoofing due |
| 14 |
to it depending on PTR resolution for GSSAPI authentication. Because of this, |
| 15 |
if a user where able to poison DNS to a victim's computer, they would be able |
| 16 |
to trick rpc.gssd into talking to another server (perhaps with less security) |
| 17 |
than the intended server (with stricter security). If the victim has write |
| 18 |
access to the second (less secure) server, and the attacker has read access |
| 19 |
(when they normally might not on the secure server), the victim could write |
| 20 |
files to that server, which the attacker could obtain (when normally they |
| 21 |
would not be able to). To the victim this is transparent because the victim's |
| 22 |
computer asks the KDC for a ticket to the second server due to reverse DNS |
| 23 |
resolution; in this case Krb5 authentication does not fail because the victim |
| 24 |
is talking to the "correct" server (CVE-2013-1923). |
| 25 |
references: |
| 26 |
- https://bugs.mageia.org/show_bug.cgi?id=10528 |
| 27 |
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00146.html |
| 28 |
ID: MGASA-2013-0178 |
Parent Directory
| 
Revision Log