Описание
The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request.
The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2011-1739
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66981
- http://secunia.com/advisories/44307
- http://security.FreeBSD.org/advisories/FreeBSD-SA-11:01.mountd.asc
- http://securitytracker.com/id?1025425
- http://www.securityfocus.com/bid/47517
- http://www.vupen.com/english/advisories/2011/1076
Связанные уязвимости
The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request.