The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2012-08-13 20:55
Updated : 2024-02-28 12:00
NVD link : CVE-2012-3417
Mitre link : CVE-2012-3417
CVE.ORG link : CVE-2012-3417
JSON object : View
Products Affected
jan_kara
- linux_diskquota
CWE
CWE-264
Permissions, Privileges, and Access Controls