CVE-2007-4135 | Vulnerability Database | Aqua Security

The NFSv4 ID mapper (nfsidmap) before 0.17 does not properly handle return values from the getpwnam_r function when performing a username lookup, which can cause it to report a file as being owned by root instead of nobody if the file exists on the server but not on the client.

Affected Software

Name	Vendor	Start Version	End Version
Nfsidmap	Nfsv4	*	0.16.22 (including)
Red Hat Enterprise Linux 5	RedHat	nfs-utils-lib-0:1.0.8-7.2.z2	*
Libnfsidmap	Ubuntu	dapper	*
Libnfsidmap	Ubuntu	devel	*
Libnfsidmap	Ubuntu	edgy	*
Libnfsidmap	Ubuntu	feisty	*
Libnfsidmap	Ubuntu	gutsy	*
Libnfsidmap	Ubuntu	hardy	*
Libnfsidmap	Ubuntu	intrepid	*
Libnfsidmap	Ubuntu	jaunty	*
Libnfsidmap	Ubuntu	karmic	*
Libnfsidmap	Ubuntu	lucid	*
Libnfsidmap	Ubuntu	maverick	*
Libnfsidmap	Ubuntu	natty	*
Libnfsidmap	Ubuntu	upstream	*

References

http://osvdb.org/45825
http://secunia.com/advisories/26674
http://secunia.com/advisories/27043
http://www.mandriva.com/security/advisories?name=MDKSA-2007:240
http://www.novell.com/linux/security/advisories/2007_18_sr.html
http://www.redhat.com/support/errata/RHSA-2007-0951.html
http://www.securityfocus.com/bid/26767
https://exchange.xforce.ibmcloud.com/vulnerabilities/36396
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9864
http://osvdb.org/45825
http://secunia.com/advisories/26674
http://secunia.com/advisories/27043
http://www.mandriva.com/security/advisories?name=MDKSA-2007:240
http://www.novell.com/linux/security/advisories/2007_18_sr.html
http://www.redhat.com/support/errata/RHSA-2007-0951.html
http://www.securityfocus.com/bid/26767
https://exchange.xforce.ibmcloud.com/vulnerabilities/36396
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9864

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-4135
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html