DEBIAN-CVE-2012-3417

DEBIAN-CVE-2012-3417 PUBLISHED

The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny.

Affected Products

Vendor	Product	Versions
Debian:11	quota	0, 0, 0
Debian:13	quota	0, 0, 0
Debian:12	quota	0, 0, 0
Debian:14	quota	0, 0, 0

Timeline

Aug 13, 2012 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2012-3417 advisory

Open in Interactive Console →