CVE-2013-1923

NONE
Published Jan 21, 201412y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jan 21, 2014 12y ago
Last Modified Jun 16, 2026 2w ago

Description

rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks.

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Information Exposure

Affected Products 8

VendorProductVersionRange
linux-nfsnfs-utils* ≤1.2.7
linux-nfsnfs-utils1.2.0any
linux-nfsnfs-utils1.2.1any
linux-nfsnfs-utils1.2.2any
linux-nfsnfs-utils1.2.3any
linux-nfsnfs-utils1.2.4any
linux-nfsnfs-utils1.2.5any
linux-nfsnfs-utils1.2.6any

References 8

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.