Test ID:	1.3.6.1.4.1.25623.1.0.121288
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 201412-02
Summary:	Gentoo Linux Local Security Checks GLSA 201412-02
Description:	Summary: Gentoo Linux Local Security Checks GLSA 201412-02 Vulnerability Insight: rpc.gssd in nfs-utils is vulnerable to DNS spoofing due to it depending on PTR resolution for GSSAPI authentication, allowing for data to be submitted to a malicious server without the knowledge of the user. Solution: Update the affected packages to the latest available version. CVSS Score: 3.2 CVSS Vector: AV:A/AC:H/Au:N/C:P/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1923 58854 http://www.securityfocus.com/bid/58854 [linux-nfs] 20130402 Re: [PATCH] Avoid PTR lookups when possible http://marc.info/?l=linux-nfs&m=136491998607561&w=2 [linux-nfs] 20130403 Re: [PATCH] Avoid PTR lookups when possible http://marc.info/?l=linux-nfs&m=136500502805121&w=2 https://bugzilla.redhat.com/show_bug.cgi?id=948072 nfsutils-cve20131923-spoofing(85331) https://exchange.xforce.ibmcloud.com/vulnerabilities/85331 openSUSE-SU-2013:1012 http://lists.opensuse.org/opensuse-updates/2013-06/msg00142.html openSUSE-SU-2013:1016 http://lists.opensuse.org/opensuse-updates/2013-06/msg00146.html openSUSE-SU-2013:1048 http://lists.opensuse.org/opensuse-updates/2013-06/msg00172.html
Copyright	Copyright (C) 2015 Eero Volotinen

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.