The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_diskquota | Jan_kara | 3.01 | 3.01 |
Linux_diskquota | Jan_kara | 3.01 | 3.01 |
Linux_diskquota | Jan_kara | 3.02 | 3.02 |
Linux_diskquota | Jan_kara | 2.0 | 2.0 |
Linux_diskquota | Jan_kara | 3.09 | 3.09 |
Linux_diskquota | Jan_kara | 3.01 | 3.01 |
Linux_diskquota | Jan_kara | 3.01 | 3.01 |
Linux_diskquota | Jan_kara | 3.03 | 3.03 |
Linux_diskquota | Jan_kara | * | 3.16 |
Linux_diskquota | Jan_kara | 3.08 | 3.08 |
Linux_diskquota | Jan_kara | 3.11 | 3.11 |
Linux_diskquota | Jan_kara | 3.14 | 3.14 |
Linux_diskquota | Jan_kara | 3.07 | 3.07 |
Linux_diskquota | Jan_kara | 3.01 | 3.01 |
Linux_diskquota | Jan_kara | 3.01 | 3.01 |
Linux_diskquota | Jan_kara | 3.12 | 3.12 |
Linux_diskquota | Jan_kara | 3.06 | 3.06 |
Linux_diskquota | Jan_kara | 3.15 | 3.15 |
Linux_diskquota | Jan_kara | 3.05 | 3.05 |
Linux_diskquota | Jan_kara | 3.01 | 3.01 |
Linux_diskquota | Jan_kara | 3.04 | 3.04 |
Linux_diskquota | Jan_kara | 3.01 | 3.01 |
Linux_diskquota | Jan_kara | 3.01 | 3.01 |
Linux_diskquota | Jan_kara | 3.13 | 3.13 |
Linux_diskquota | Jan_kara | 3.10 | 3.10 |