New Search

The NFSv4 ID mapper (nfsidmap) before 0.17 does not properly handle return values from the getpwnam_r function when performing a username lookup which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client.

oval:org.mitre.oval:def:9864

The NFSv4 ID mapper (nfsidmap) before 0.17 does not properly handle return values from the getpwnam_r function when performing a username lookup which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 5
  • Oracle Linux 5
  • Red Hat Enterprise Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2007-4135
Product(s):