Computer Security

FreeBSD mountd protection bypass
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



FreeBSD mountd protection bypass
Published:21.04.2011
Source:BUGTRAQ
SecurityVulns ID:11610
Type:remote
Level:5/10
Description:Network mask in ACLs is computed incorrectly.
Affected:FREEBSD : FreeBSD 7.3
 FREEBSD : FreeBSD 8.1
 FREEBSD : FreeBSD 7.4
 FREEBSD : FreeBSD 8.2
CVE:CVE-2011-1739 (The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-11:01.mountd (21.04.2011)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru