CVE-2013-1923 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2013-1923 Interim 1 16 2023-12-08T02:41:23Z current 2021-05-30T13:11:00Z 2023-12-08T02:41:23Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2013-1923 rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2013-May/000461.html E-Mail link for SUSE-SU-2013:0821-1 https://lists.suse.com/pipermail/sle-security-updates/2013-May/000462.html E-Mail link for SUSE-SU-2013:0822-1 https://lists.suse.com/pipermail/sle-security-updates/2013-November/000636.html E-Mail link for SUSE-SU-2013:1668-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP2 nfs-client-1.2.1-2.26.1 nfs-client-1.2.3-18.31.1 nfs-client-1.2.3-18.38.43.1 nfs-doc-1.2.1-2.24.1 nfs-doc-1.2.3-18.29.1 nfs-doc-1.2.3-18.38.43.1 nfs-kernel-server-1.2.1-2.24.1 nfs-kernel-server-1.2.3-18.29.1 nfs-kernel-server-1.2.3-18.38.43.1 nfs-client-1.2.3-18.31.1 as a component of SUSE Linux Enterprise Desktop 11 SP2 nfs-kernel-server-1.2.3-18.29.1 as a component of SUSE Linux Enterprise Desktop 11 SP2 nfs-client-1.2.1-2.26.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA nfs-doc-1.2.1-2.24.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA nfs-kernel-server-1.2.1-2.24.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA nfs-client-1.2.3-18.31.1 as a component of SUSE Linux Enterprise Server 11 SP2 nfs-doc-1.2.3-18.29.1 as a component of SUSE Linux Enterprise Server 11 SP2 nfs-kernel-server-1.2.3-18.29.1 as a component of SUSE Linux Enterprise Server 11 SP2 nfs-client-1.2.3-18.31.1 as a component of SUSE Linux Enterprise Server 11 SP3 nfs-client-1.2.3-18.38.43.1 as a component of SUSE Linux Enterprise Server 11 SP4 nfs-doc-1.2.3-18.38.43.1 as a component of SUSE Linux Enterprise Server 11 SP4 nfs-kernel-server-1.2.3-18.38.43.1 as a component of SUSE Linux Enterprise Server 11 SP4 nfs-client-1.2.3-18.31.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 nfs-doc-1.2.3-18.29.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 nfs-kernel-server-1.2.3-18.29.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks. CVE-2013-1923 SUSE Linux Enterprise Desktop 11 SP2:nfs-client-1.2.3-18.31.1 SUSE Linux Enterprise Desktop 11 SP2:nfs-kernel-server-1.2.3-18.29.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:nfs-client-1.2.1-2.26.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:nfs-doc-1.2.1-2.24.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:nfs-kernel-server-1.2.1-2.24.1 SUSE Linux Enterprise Server 11 SP2:nfs-client-1.2.3-18.31.1 SUSE Linux Enterprise Server 11 SP2:nfs-doc-1.2.3-18.29.1 SUSE Linux Enterprise Server 11 SP2:nfs-kernel-server-1.2.3-18.29.1 SUSE Linux Enterprise Server 11 SP3:nfs-client-1.2.3-18.31.1 SUSE Linux Enterprise Server 11 SP4:nfs-client-1.2.3-18.38.43.1 SUSE Linux Enterprise Server 11 SP4:nfs-doc-1.2.3-18.38.43.1 SUSE Linux Enterprise Server 11 SP4:nfs-kernel-server-1.2.3-18.38.43.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:nfs-client-1.2.3-18.31.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:nfs-doc-1.2.3-18.29.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:nfs-kernel-server-1.2.3-18.29.1 low 3.2 AV:A/AC:H/Au:N/C:P/I:P/A:N