CVE-2008-4552
EPSS 1.4%Published: 10/14/2008Modified: 4/28/2026
Also known as:DEBIAN-CVE-2008-4552
Description
The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.
Affected packages (1)
- Debian/nfs-utilsfrom 0, < 1:1.1.3-1