Vulnerability Description
Certain Fedora build scripts for nfs-utils before 1.1.2-9.fc9 on Fedora 9, and before 1.1.4-6.fc10 on Fedora 10, omit TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions, possibly a related issue to CVE-2008-1376.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nfs | Nfs-Utils | <= 1.1.2 |
| Redhat | Fedora | 9 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/33545Vendor Advisory
- http://www.securityfocus.com/bid/33294
- https://bugzilla.redhat.com/show_bug.cgi?id=477864
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48058
- https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00376.ht
- https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00526.ht
- http://secunia.com/advisories/33545Vendor Advisory
- http://www.securityfocus.com/bid/33294
- https://bugzilla.redhat.com/show_bug.cgi?id=477864
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48058
- https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00376.ht
- https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00526.ht
FAQ
What is CVE-2009-0180?
CVE-2009-0180 is a vulnerability with a CVSS score of 7.5 (HIGH). Certain Fedora build scripts for nfs-utils before 1.1.2-9.fc9 on Fedora 9, and before 1.1.4-6.fc10 on Fedora 10, omit TCP Wrapper support, which might allow remote attackers to bypass intended access ...
How severe is CVE-2009-0180?
CVE-2009-0180 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0180?
Check the references section above for vendor advisories and patch information. Affected products include: Nfs Nfs-Utils, Redhat Fedora.