Launchpad CVE tracker

CVE 2007-4135

The NFSv4 ID mapper (nfsidmap) before 0.17 does not properly handle return values from the getpwnam_r function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client.

Related bugs and status

CVE-2007-4135 (Candidate) is related to these bugs:

Bug #175317: [libnfsidmap] [CVE-2007-4135] translation flaw in name lookups

Summary				In	Importance	Status
	175317	[libnfsidmap] [CVE-2007-4135] translation flaw in name lookups		libnfsidmap (Ubuntu)	Low	Fix Released
	175317	[libnfsidmap] [CVE-2007-4135] translation flaw in name lookups		libnfsidmap (Ubuntu Dapper)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://osvdb.org/45825
MISC: http://www.mandriva.co...
MISC: http://www.redhat.com/...
MISC: http://www.novell.com/...
MISC: https://exchange.xforc...
MISC: https://oval.cisecurit...

Launchpad.net

CVE 2007-4135

Related bugs and status

Related bugs

References