CVE-2012-3417

Published Aug 13, 2012

Last updated 2 years ago

CVSS info 4.0

Overview

Description: The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4
Impact score: 4.9
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:P/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77F28BE0-037E-479E-A95C-6D681A6A19C1",
            "versionEndIncluding": "3.16"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9362964B-6440-4545-BA65-7DDF6F29EA9A"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC51763E-994F-4A1C-893F-F186E4183581"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.01:pre2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46E8BDF5-3C93-4BF3-9503-41B55C776F61"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.01:pre3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9FB7D18-42CF-4E7B-B40E-18C06C841F9F"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.01:pre4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD819541-2B75-4B1A-944C-605716422CE8"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.01:pre5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8FCA58F-35C8-4D3C-94CF-594E14EC9E0A"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.01:pre6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB6F8082-6F27-4286-81B6-E1ED607CB45E"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.01:pre7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C605E2C-BCBD-427E-85F3-0E282C0BEE5F"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.01:pre8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D7F99C5-39EC-44E4-9BB9-383C3CDD3ACD"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.01:pre9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A970116-FDBF-4FD1-B7DA-389D0D5B26C0"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28CADF62-A14E-485F-B3B7-3CBD922323B7"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F455BF2F-6913-4C6C-990C-2BF7111D0A51"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.04:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA3935BE-8F69-4D28-850B-4BD70B728F98"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.05:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B8E9A47-5978-4D33-B1CC-42611C4A5C7D"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.06:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC58E3FE-1DE7-4D76-A87B-39B92280EB61"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.07:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3827120E-3541-45BE-8B96-D400EEEF0A58"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.08:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E847D560-7C32-46C6-845C-0C0327B42333"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.09:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D8B35F1-6FEA-4AA9-A0C2-7A97E0152FEE"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D787327-0E84-4653-B3B2-D38F47D84FDE"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "880A3DD5-7D43-4041-87F3-6A8207152795"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2B57FEA-4C06-4024-8A7B-52B4364613DE"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7FFD7032-83F8-4A59-BFB8-4ED75F1E1A8F"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E96579A-6FCF-4BB9-84A5-067EAFC1323C"
          },
          {
            "criteria": "cpe:2.3:a:jan_kara:linux_diskquota:3.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2CD41A4-556A-4F61-BAFE-5D6602FEAEF5"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References