[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-3623Date: (C)2005-12-31   (M)2024-02-09


nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
BID-16570
SECUNIA-18788
SECUNIA-19038
SECUNIA-21465
SECUNIA-22417
RHSA-2006:0575
SUSE-SA:2006:006
SUSE-SA:2006:012
http://lkml.org/lkml/2005/12/23/171
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm
oval:org.mitre.oval:def:11707

CWE    1
CWE-862

© SecPod Technologies