CVE-2008-3915

Sažetak

Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.

Reference

http://www.openwall.com/lists/oss-security/2008/09/04/18
http://lkml.org/lkml/2008/9/3/286
https://bugzilla.redhat.com/show_bug.cgi?id=461101
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4
http://www.openwall.com/lists/oss-security/2008/09/04/4
http://www.debian.org/security/2008/dsa-1636
http://secunia.com/advisories/31881
http://www.securityfocus.com/bid/31133
http://www.redhat.com/support/errata/RHSA-2008-0857.html
http://secunia.com/advisories/32190
http://www.ubuntu.com/usn/usn-659-1
http://secunia.com/advisories/32393
https://exchange.xforce.ibmcloud.com/vulnerabilities/45055
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=91b80969ba466ba4b915a4a1d03add8c297add3f

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

07-11-2023 - 02:02

Objavljeno

11-09-2008 - 01:13