FS#33395 - NFS-Utils 1.2.6-4 may have an exploit
Attached to Project:
Arch Linux
Opened by fiat500 (fiat500) - Monday, 14 January 2013, 22:38 GMT
Last edited by Tobias Powalowski (tpowa) - Wednesday, 16 January 2013, 18:08 GMT
Opened by fiat500 (fiat500) - Monday, 14 January 2013, 22:38 GMT
Last edited by Tobias Powalowski (tpowa) - Wednesday, 16 January 2013, 18:08 GMT
|
Details
Description:NFS-utils updated to 1.2.6-4 has what seems to
be a possible exploit as well as choosy operation in
relation to exports. It will mount exports that are not
listed in /etc/exports or shown in showmount -e
<server>. Sometimes it will empty mount a directory
whether or not it is actually in /etc/exports or showmount
-e (without error). Other times it will mount directories
not listed in /etc/exports or showmount -e. This is between
two ArchLinux hosts initially, other distributions may
observe proper behaviour. No reason or rhyme to which
directories are chosen.
Additional info: Steps to reproduce:Mount various exports whether or not they are in /etc/exports between two ArchLinux hosts with this same update, and they can mount nfs shares or not mount nfs shares regardless of what is in /etc/exports or showmount -e. |
This task depends upon
Closed by Tobias Powalowski (tpowa)
Wednesday, 16 January 2013, 18:08 GMT
Reason for closing: Not a bug
Wednesday, 16 January 2013, 18:08 GMT
Reason for closing: Not a bug
Comment by fiat500 (fiat500) -
Tuesday, 15 January 2013, 19:15 GMT
Strange change in fsid=0 behaviour as this was for the /srv/tftp
directory. If any other exported directories reside under
/srv/tftp with the same path, would export those instead even when
using absolute paths as expected in /etc/exports. Other
distributions would ignore the fsid=0, and normal behaviour up to
this point would mount the absolute paths.