Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2009-0786
Vulnerability from cvelistv5
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This was originally intended for a report about TCP Wrappers and the hosts_ctl API function, but further investigation showed that this was documented behavior by that function. Notes: Future CVE identifiers might be assigned to applications that mis-use the API in a security-relevant fashion.
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2023-02-12T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"rejectedReasons": [
{
"lang": "en",
"value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This was originally intended for a report about TCP Wrappers and the hosts_ctl API function, but further investigation showed that this was documented behavior by that function. Notes: Future CVE identifiers might be assigned to applications that mis-use the API in a security-relevant fashion."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-0786",
"datePublished": "2009-05-21T23:00:00Z",
"dateRejected": "2023-02-12T00:00:00",
"dateReserved": "2009-03-04T00:00:00Z",
"dateUpdated": "2024-09-17T01:55:49.584Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2009-0786\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2009-05-22T11:53:45.640\",\"lastModified\":\"2023-11-07T02:03:44.133\",\"vulnStatus\":\"Rejected\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This was originally intended for a report about TCP Wrappers and the hosts_ctl API function, but further investigation showed that this was documented behavior by that function. Notes: Future CVE identifiers might be assigned to applications that mis-use the API in a security-relevant fashion.\"}],\"metrics\":{},\"references\":[]}}"
}
}
gsd-2009-0786
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This was originally intended for a report about TCP Wrappers and the hosts_ctl API function, but further investigation showed that this was documented behavior by that function. Notes: Future CVE identifiers might be assigned to applications that mis-use the API in a security-relevant fashion.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2009-0786",
"description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This was originally intended for a report about TCP Wrappers and the hosts_ctl API function, but further investigation showed that this was documented behavior by that function. Notes: Future CVE identifiers might be assigned to applications that mis-use the API in a security-relevant fashion.",
"id": "GSD-2009-0786",
"references": [
"https://access.redhat.com/errata/RHBA-2007:0565"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2009-0786"
],
"details": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This was originally intended for a report about TCP Wrappers and the hosts_ctl API function, but further investigation showed that this was documented behavior by that function. Notes: Future CVE identifiers might be assigned to applications that mis-use the API in a security-relevant fashion.",
"id": "GSD-2009-0786",
"modified": "2023-12-13T01:19:44.786037Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0786",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This was originally intended for a report about TCP Wrappers and the hosts_ctl API function, but further investigation showed that this was documented behavior by that function. Notes: Future CVE identifiers might be assigned to applications that mis-use the API in a security-relevant fashion."
}
]
}
}
}
}
rhba-2007_0565
Vulnerability from csaf_redhat
Published
2007-11-07 00:00
Modified
2024-12-02 07:21
Summary
Red Hat Bug Fix Advisory: tcp_wrappers bug fix update
Notes
Topic
Updated tcp_wrappers packages that fix several bugs are now available.
Details
The tcp_wrappers package provides small daemon programs which can monitor
and filter incoming requests for systat, finger, FTP, telnet, rlogin, rsh,
exec, tftp, talk and other network services. It also contains the libwrap
library that adds the same filtering capabilities to programs linked
against it, like sshd and more.
This update brings the following changes:
* localhost and localhost.localdomain are treated as being equivalent when
comparing the client hostname and the list of allowed/denied hostnames.
* the hosts_ctl function uses the address parameter to get the ip address
and resolve it to symbolic hostname, if not given.
* the behavior of signal handling when the "spawn" option is used has been
changed to be transparent to the application using the library.
These fixes correct the behavior of certain applications, including
net-snmp and vsftpd.
Users should upgrade to this updated package, which resolves these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated tcp_wrappers packages that fix several bugs are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "The tcp_wrappers package provides small daemon programs which can monitor\nand filter incoming requests for systat, finger, FTP, telnet, rlogin, rsh,\nexec, tftp, talk and other network services. It also contains the libwrap\nlibrary that adds the same filtering capabilities to programs linked\nagainst it, like sshd and more.\n\nThis update brings the following changes:\n\n* localhost and localhost.localdomain are treated as being equivalent when\ncomparing the client hostname and the list of allowed/denied hostnames.\n\n* the hosts_ctl function uses the address parameter to get the ip address\nand resolve it to symbolic hostname, if not given.\n\n* the behavior of signal handling when the \"spawn\" option is used has been\nchanged to be transparent to the application using the library.\n\nThese fixes correct the behavior of certain applications, including\nnet-snmp and vsftpd.\n\nUsers should upgrade to this updated package, which resolves these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2007:0565",
"url": "https://access.redhat.com/errata/RHBA-2007:0565"
},
{
"category": "external",
"summary": "241357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=241357"
},
{
"category": "external",
"summary": "246216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=246216"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2007/rhba-2007_0565.json"
}
],
"title": "Red Hat Bug Fix Advisory: tcp_wrappers bug fix update",
"tracking": {
"current_release_date": "2024-12-02T07:21:04+00:00",
"generator": {
"date": "2024-12-02T07:21:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHBA-2007:0565",
"initial_release_date": "2007-11-07T00:00:00+00:00",
"revision_history": [
{
"date": "2007-11-07T00:00:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2007-10-30T19:03:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-02T07:21:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.x86_64",
"product": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.x86_64",
"product_id": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcp_wrappers-debuginfo@7.6-40.4.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tcp_wrappers-0:7.6-40.4.el5.x86_64",
"product": {
"name": "tcp_wrappers-0:7.6-40.4.el5.x86_64",
"product_id": "tcp_wrappers-0:7.6-40.4.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcp_wrappers@7.6-40.4.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.i386",
"product": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.i386",
"product_id": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcp_wrappers-debuginfo@7.6-40.4.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "tcp_wrappers-0:7.6-40.4.el5.i386",
"product": {
"name": "tcp_wrappers-0:7.6-40.4.el5.i386",
"product_id": "tcp_wrappers-0:7.6-40.4.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcp_wrappers@7.6-40.4.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "tcp_wrappers-0:7.6-40.4.el5.src",
"product": {
"name": "tcp_wrappers-0:7.6-40.4.el5.src",
"product_id": "tcp_wrappers-0:7.6-40.4.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcp_wrappers@7.6-40.4.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ia64",
"product": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ia64",
"product_id": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcp_wrappers-debuginfo@7.6-40.4.el5?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "tcp_wrappers-0:7.6-40.4.el5.ia64",
"product": {
"name": "tcp_wrappers-0:7.6-40.4.el5.ia64",
"product_id": "tcp_wrappers-0:7.6-40.4.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcp_wrappers@7.6-40.4.el5?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc64",
"product": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc64",
"product_id": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcp_wrappers-debuginfo@7.6-40.4.el5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tcp_wrappers-0:7.6-40.4.el5.ppc64",
"product": {
"name": "tcp_wrappers-0:7.6-40.4.el5.ppc64",
"product_id": "tcp_wrappers-0:7.6-40.4.el5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcp_wrappers@7.6-40.4.el5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc",
"product": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc",
"product_id": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcp_wrappers-debuginfo@7.6-40.4.el5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "tcp_wrappers-0:7.6-40.4.el5.ppc",
"product": {
"name": "tcp_wrappers-0:7.6-40.4.el5.ppc",
"product_id": "tcp_wrappers-0:7.6-40.4.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcp_wrappers@7.6-40.4.el5?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390x",
"product": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390x",
"product_id": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcp_wrappers-debuginfo@7.6-40.4.el5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tcp_wrappers-0:7.6-40.4.el5.s390x",
"product": {
"name": "tcp_wrappers-0:7.6-40.4.el5.s390x",
"product_id": "tcp_wrappers-0:7.6-40.4.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcp_wrappers@7.6-40.4.el5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390",
"product": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390",
"product_id": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcp_wrappers-debuginfo@7.6-40.4.el5?arch=s390"
}
}
},
{
"category": "product_version",
"name": "tcp_wrappers-0:7.6-40.4.el5.s390",
"product": {
"name": "tcp_wrappers-0:7.6-40.4.el5.s390",
"product_id": "tcp_wrappers-0:7.6-40.4.el5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcp_wrappers@7.6-40.4.el5?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tcp_wrappers-0:7.6-40.4.el5.i386"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tcp_wrappers-0:7.6-40.4.el5.ia64"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tcp_wrappers-0:7.6-40.4.el5.ppc"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tcp_wrappers-0:7.6-40.4.el5.ppc64"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tcp_wrappers-0:7.6-40.4.el5.s390"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tcp_wrappers-0:7.6-40.4.el5.s390x"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tcp_wrappers-0:7.6-40.4.el5.src"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tcp_wrappers-0:7.6-40.4.el5.x86_64"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.i386"
},
"product_reference": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ia64"
},
"product_reference": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc"
},
"product_reference": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc64"
},
"product_reference": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390"
},
"product_reference": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390x"
},
"product_reference": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.x86_64"
},
"product_reference": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tcp_wrappers-0:7.6-40.4.el5.i386"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tcp_wrappers-0:7.6-40.4.el5.ia64"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tcp_wrappers-0:7.6-40.4.el5.ppc"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tcp_wrappers-0:7.6-40.4.el5.ppc64"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tcp_wrappers-0:7.6-40.4.el5.s390"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tcp_wrappers-0:7.6-40.4.el5.s390x"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tcp_wrappers-0:7.6-40.4.el5.src"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-0:7.6-40.4.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tcp_wrappers-0:7.6-40.4.el5.x86_64"
},
"product_reference": "tcp_wrappers-0:7.6-40.4.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.i386"
},
"product_reference": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ia64"
},
"product_reference": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc"
},
"product_reference": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc64"
},
"product_reference": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390"
},
"product_reference": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390x"
},
"product_reference": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.x86_64"
},
"product_reference": "tcp_wrappers-debuginfo-0:7.6-40.4.el5.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-0786",
"discovery_date": "2009-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "491095"
}
],
"notes": [
{
"category": "description",
"text": "[REJECTED CVE] A flaw was found in the tcp_wrappers related to the handling of hostnames specified in the host access rules in /etc/hosts.allow and /etc/hosts.deny. This issue affects applications like net-snmp snmpd and OpenLDAP daemons that uses the hosts_ctl() tcp_wrappers interface function. The flaw prevents correct matching of access rules with hostnames, potentially leading to incorrectly denied access (if in an allow rule) or bypassed access restrictions (if in a deny rule). Attackers could exploit this to gain unauthorized access or disrupt legitimate connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tcp_wrappers: hosts_ctl() does not handle hostnames specified in /etc/hosts.{allow,deny} correctly",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been rejected upstream, because this was originally intended for a report about TCP Wrappers and the hosts_ctl API function, but further investigation showed that this was documented behavior by that function.\n\nRed Hat has also evaluated this issue and determined that it does not meet the criteria to be classified as a security vulnerability. This assessment is based on the issue not posing a significant security risk, being a result of misconfiguration or usage error, or falling outside the scope of security considerations. \n\nAs such, this CVE has been marked as \"Rejected\" in alignment with Red Hat\u0027s vulnerability management policies.\n\nIf you have additional information or concerns regarding this determination, please contact Red Hat Product Security for further clarification.\n\nAlso, please note that this issue was previously fixed as bug (access incorrectly denied) and patches are available in Red Hat Enterprise Linux 5 (RHBA-2007:0565).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:tcp_wrappers-0:7.6-40.4.el5.i386",
"5Client:tcp_wrappers-0:7.6-40.4.el5.ia64",
"5Client:tcp_wrappers-0:7.6-40.4.el5.ppc",
"5Client:tcp_wrappers-0:7.6-40.4.el5.ppc64",
"5Client:tcp_wrappers-0:7.6-40.4.el5.s390",
"5Client:tcp_wrappers-0:7.6-40.4.el5.s390x",
"5Client:tcp_wrappers-0:7.6-40.4.el5.src",
"5Client:tcp_wrappers-0:7.6-40.4.el5.x86_64",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.i386",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ia64",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc64",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390x",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.x86_64",
"5Server:tcp_wrappers-0:7.6-40.4.el5.i386",
"5Server:tcp_wrappers-0:7.6-40.4.el5.ia64",
"5Server:tcp_wrappers-0:7.6-40.4.el5.ppc",
"5Server:tcp_wrappers-0:7.6-40.4.el5.ppc64",
"5Server:tcp_wrappers-0:7.6-40.4.el5.s390",
"5Server:tcp_wrappers-0:7.6-40.4.el5.s390x",
"5Server:tcp_wrappers-0:7.6-40.4.el5.src",
"5Server:tcp_wrappers-0:7.6-40.4.el5.x86_64",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.i386",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ia64",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc64",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390x",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0786"
},
{
"category": "external",
"summary": "RHBZ#491095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=491095"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0786",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0786"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0786",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0786"
}
],
"release_date": "2009-03-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2007-11-07T00:00:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Client:tcp_wrappers-0:7.6-40.4.el5.i386",
"5Client:tcp_wrappers-0:7.6-40.4.el5.ia64",
"5Client:tcp_wrappers-0:7.6-40.4.el5.ppc",
"5Client:tcp_wrappers-0:7.6-40.4.el5.ppc64",
"5Client:tcp_wrappers-0:7.6-40.4.el5.s390",
"5Client:tcp_wrappers-0:7.6-40.4.el5.s390x",
"5Client:tcp_wrappers-0:7.6-40.4.el5.src",
"5Client:tcp_wrappers-0:7.6-40.4.el5.x86_64",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.i386",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ia64",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc64",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390x",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.x86_64",
"5Server:tcp_wrappers-0:7.6-40.4.el5.i386",
"5Server:tcp_wrappers-0:7.6-40.4.el5.ia64",
"5Server:tcp_wrappers-0:7.6-40.4.el5.ppc",
"5Server:tcp_wrappers-0:7.6-40.4.el5.ppc64",
"5Server:tcp_wrappers-0:7.6-40.4.el5.s390",
"5Server:tcp_wrappers-0:7.6-40.4.el5.s390x",
"5Server:tcp_wrappers-0:7.6-40.4.el5.src",
"5Server:tcp_wrappers-0:7.6-40.4.el5.x86_64",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.i386",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ia64",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc64",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390x",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2007:0565"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client:tcp_wrappers-0:7.6-40.4.el5.i386",
"5Client:tcp_wrappers-0:7.6-40.4.el5.ia64",
"5Client:tcp_wrappers-0:7.6-40.4.el5.ppc",
"5Client:tcp_wrappers-0:7.6-40.4.el5.ppc64",
"5Client:tcp_wrappers-0:7.6-40.4.el5.s390",
"5Client:tcp_wrappers-0:7.6-40.4.el5.s390x",
"5Client:tcp_wrappers-0:7.6-40.4.el5.src",
"5Client:tcp_wrappers-0:7.6-40.4.el5.x86_64",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.i386",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ia64",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc64",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390x",
"5Client:tcp_wrappers-debuginfo-0:7.6-40.4.el5.x86_64",
"5Server:tcp_wrappers-0:7.6-40.4.el5.i386",
"5Server:tcp_wrappers-0:7.6-40.4.el5.ia64",
"5Server:tcp_wrappers-0:7.6-40.4.el5.ppc",
"5Server:tcp_wrappers-0:7.6-40.4.el5.ppc64",
"5Server:tcp_wrappers-0:7.6-40.4.el5.s390",
"5Server:tcp_wrappers-0:7.6-40.4.el5.s390x",
"5Server:tcp_wrappers-0:7.6-40.4.el5.src",
"5Server:tcp_wrappers-0:7.6-40.4.el5.x86_64",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.i386",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ia64",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.ppc64",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.s390x",
"5Server:tcp_wrappers-debuginfo-0:7.6-40.4.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tcp_wrappers: hosts_ctl() does not handle hostnames specified in /etc/hosts.{allow,deny} correctly"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.