Bug 271941 - (CVE-2007-4601) CVE-2007-4601 libwrap ignores rules under certain circumstances
CVE-2007-4601 libwrap ignores rules under certain circumstances
Status: CLOSED NOTABUG
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
http://nvd.nist.gov/nvd.cfm?cvename=C...
source=fulldisc,reported=20070828,pub...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-08-31 12:06 EDT by Lubomir Kundrak
Modified: 2007-08-31 12:08 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-08-31 12:08:45 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Lubomir Kundrak 2007-08-31 12:06:22 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-4601
to the following vulnerability:

A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 does not properly handle connections to services that use libwrap but do not specify server connection information, which might allow remote attackers to bypass intended access restrictions.

References:

https://launchpad.net/bugs/135332
http://bugs.debian.org/405342
http://www.ubuntu.com/usn/usn-507-1
Comment 1 Lubomir Kundrak 2007-08-31 12:08:45 EDT
Not vulnerable. This issue was specific to a patch from Debian project and did
not affect versions of tcp_wrappers packages as shipped with Red Hat Enterprise
Linux.

Note You need to log in before you can comment on or make changes to this bug.