CVE-2010-0318

Опубликовано: 15 янв. 2010

Источник: nvd

CVSS2: 6.9

EPSS Низкий

Описание

The replay functionality for ZFS Intent Log (ZIL) in FreeBSD 7.1, 7.2, and 8.0, when creating files during replay of a setattr transaction, uses 7777 permissions instead of the original permissions, which might allow local users to read or modify unauthorized files in opportunistic circumstances after a system crash or power failure.

Ссылки

http://secunia.com/advisories/38124
Vendor Advisory
http://security.FreeBSD.org/advisories/FreeBSD-SA-10:03.zfs.asc
Patch
Vendor Advisory
http://www.securityfocus.com/bid/37657
http://www.securitytracker.com/id?1023407
http://secunia.com/advisories/38124
Vendor Advisory
http://security.FreeBSD.org/advisories/FreeBSD-SA-10:03.zfs.asc
Patch
Vendor Advisory
http://www.securityfocus.com/bid/37657
http://www.securitytracker.com/id?1023407

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:7.2:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 10%

0.00034

Низкий

6.9 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2010-0318

debian

около 16 лет назад

The replay functionality for ZFS Intent Log (ZIL) in FreeBSD 7.1, 7.2, ...

GHSA-cfvw-hpqm-vv6h

github

почти 4 года назад