CVE-2006-0043

NameCVE-2006-0043
DescriptionBuffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through 10.0, allows local users to execute arbitrary code via unspecified vectors involving mount requests and symlinks.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
ReferencesDSA-975-1
Debian Bugs350020

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
nfs-user-serversourcewoody2.2beta47-12woody1DSA-975-1
nfs-user-serversourcesarge2.2beta47-20sarge2DSA-975-1
nfs-user-serversource(unstable)2.2beta47-22high350020

Notes

nfs-utils (kernel NFS server) is not affected
(it uses PATH_MAX for the buffer passed to realpath).
Search for package or bug name: Reporting problems