[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2011-1739

Date: (C)2011-05-03   (M)2017-08-18
 
CVSS Score: 4.3Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 2.9Authentication: NONE
 Confidentiality: NONE
 Integrity: PARTIAL
 Availability: NONE











The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request.

Reference:
SECTRACK-1025425
SECUNIA-44307
BID-47517
ADV-2011-1076
FreeBSD-SA-11:01
freebsd-mountd-security-bypass(66981)

CPE    4
cpe:/o:freebsd:freebsd:7.4
cpe:/o:freebsd:freebsd:8.1
cpe:/o:freebsd:freebsd:8.2
cpe:/o:freebsd:freebsd:8.0
...
CWE    1
CWE-20

© 2013 SecPod Technologies