Computer Security
[EN] securityvulns.ru no-pyccku


FreeBSD mountd protection bypass
Published:21.04.2011
Source:
SecurityVulns ID:11610
Type:remote
Threat Level:
5/10
Description:Network mask in ACLs is computed incorrectly.
Affected:FREEBSD : FreeBSD 7.3
 FREEBSD : FreeBSD 8.1
 FREEBSD : FreeBSD 7.4
 FREEBSD : FreeBSD 8.2
CVE:CVE-2011-1739 (The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-11:01.mountd (21.04.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod