[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-3915

Date: (C)2008-09-10   (M)2017-11-18 


Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.

CVSS Score: 9.3Access Vector: NETWORK
Exploit Score: 8.6Access Complexity: MEDIUM
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
BID-31133
SECUNIA-31881
SECUNIA-32190
SECUNIA-32393
DSA-1636
RHSA-2008:0857
USN-659-1
http://lkml.org/lkml/2008/9/3/286
http://www.openwall.com/lists/oss-security/2008/09/04/4
http://www.openwall.com/lists/oss-security/2008/09/04/18
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=91b80969ba466ba4b915a4a1d03add8c297add3f
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4
https://bugzilla.redhat.com/show_bug.cgi?id=461101
linux-kernel-nfsv4-bo(45055)

CPE    63
cpe:/o:linux:linux_kernel:2.6.19.4
cpe:/o:linux:linux_kernel:2.6.19.5
cpe:/o:linux:linux_kernel:2.6.19.7
cpe:/o:linux:linux_kernel:2.6.24.1
...
CWE    1
CWE-119
OVAL    1
oval:org.mitre.oval:def:8234

© 2013 SecPod Technologies