The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Nfs-utils | Nfs | * | 1.1.2 (including) |
| Nfs-utils | Nfs | 0.2 (including) | 0.2 (including) |
| Nfs-utils | Nfs | 0.2.1 (including) | 0.2.1 (including) |
| Nfs-utils | Nfs | 0.3.1 (including) | 0.3.1 (including) |
| Nfs-utils | Nfs | 0.3.3 (including) | 0.3.3 (including) |
| Nfs-utils | Nfs | 1.0 (including) | 1.0 (including) |
| Nfs-utils | Nfs | 1.0.1 (including) | 1.0.1 (including) |
| Nfs-utils | Nfs | 1.0.2 (including) | 1.0.2 (including) |
| Nfs-utils | Nfs | 1.0.3 (including) | 1.0.3 (including) |
| Nfs-utils | Nfs | 1.0.4 (including) | 1.0.4 (including) |
| Nfs-utils | Nfs | 1.0.6 (including) | 1.0.6 (including) |
| Nfs-utils | Nfs | 1.0.7 (including) | 1.0.7 (including) |
| Nfs-utils | Nfs | 1.0.7-pre-1 (including) | 1.0.7-pre-1 (including) |
| Nfs-utils | Nfs | 1.0.7-pre-2 (including) | 1.0.7-pre-2 (including) |
| Nfs-utils | Nfs | 1.0.8 (including) | 1.0.8 (including) |
| Nfs-utils | Nfs | 1.0.8-rc-1 (including) | 1.0.8-rc-1 (including) |
| Nfs-utils | Nfs | 1.0.8-rc-2 (including) | 1.0.8-rc-2 (including) |
| Nfs-utils | Nfs | 1.0.8-rc-3 (including) | 1.0.8-rc-3 (including) |
| Nfs-utils | Nfs | 1.0.8-rc-4 (including) | 1.0.8-rc-4 (including) |
| Nfs-utils | Nfs | 1.0.9 (including) | 1.0.9 (including) |
| Nfs-utils | Nfs | 1.0.10 (including) | 1.0.10 (including) |
| Nfs-utils | Nfs | 1.0.11 (including) | 1.0.11 (including) |
| Nfs-utils | Nfs | 1.0.12 (including) | 1.0.12 (including) |
| Nfs-utils | Nfs | 1.1.0 (including) | 1.1.0 (including) |
| Nfs-utils | Nfs | 1.1.0-rc-1 (including) | 1.1.0-rc-1 (including) |
| Nfs-utils | Nfs | 1.1.1 (including) | 1.1.1 (including) |