Описание
The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:freebsd:freebsd:7.4:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:8.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:8.2:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00336
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request.
EPSS
Процентиль: 56%
0.00336
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-20