USN-36-1: NFS statd vulnerability
1 December 2004
nfs-utils vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 4.10
Software Description
Details
SGI discovered a remote Denial of Service vulnerability in the NFS statd server. statd did not ignore the “SIGPIPE” signal which caused it to shutdown if a misconfigured or malicious peer terminated the TCP connection prematurely.
Update instructions
The problem can be corrected by updating your system to the following package versions:
- Ubuntu 4.10
- nfs-common
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.