CVE-2013-5710

Sažetak

The nullfs implementation in sys/fs/nullfs/null_vnops.c in the kernel in FreeBSD 8.3 through 9.2 allows local users with certain permissions to bypass access restrictions via a hardlink in a nullfs instance to a file in a different instance.

Reference

http://secunia.com/advisories/54861
http://svnweb.freebsd.org/base?view=revision&revision=255442
http://www.debian.org/security/2013/dsa-2769
http://www.freebsd.org/security/advisories/FreeBSD-SA-13:13.nullfs.asc
http://www.securitytracker.com/id/1029015

CVSS

Base:	3.7
Impact:	6.4
Exploitability:	1.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:H/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

24-10-2013 - 03:48

Objavljeno

23-09-2013 - 20:55