Computer Security
[EN] no-pyccku

FreeBSD mountd protection bypass
SecurityVulns ID:11610
Threat Level:
Description:Network mask in ACLs is computed incorrectly.
Affected:FREEBSD : FreeBSD 7.3
 FREEBSD : FreeBSD 8.1
 FREEBSD : FreeBSD 7.4
 FREEBSD : FreeBSD 8.2
CVE:CVE-2011-1739 (The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-11:01.mountd (21.04.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod