CVE-2010-2020

Sažetak

sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, when vfs.usermount is enabled, does not validate the length of a certain fhsize parameter, which allows local users to gain privileges via a crafted mount request.

Reference

http://security.FreeBSD.org/advisories/FreeBSD-SA-10:06.nfsclient.asc
http://securitytracker.com/id?1024039
http://www.exploit-db.com/exploits/14002
http://www.exploit-db.com/exploits/14003

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

06-11-2012 - 04:41

Objavljeno

28-05-2010 - 18:30