Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3915

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-3915
Last Modified 19 Mar 2012 12:00:00
Published 10 Sep 2008 09:13:41
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3915

Summary

Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.18

  • Linux Kernel 2.6.19.4

  • Linux Kernel 2.6.19.5

  • Linux Kernel 2.6.19.7

  • Linux Kernel 2.6.20.16

  • Linux Kernel 2.6.20.17

  • Linux Kernel 2.6.20.18

  • Linux Kernel 2.6.20.19

  • Linux Kernel 2.6.20.20

  • Linux Kernel 2.6.20.21

  • Linux Kernel 2.6.21.5

  • Linux Kernel 2.6.21.6

  • Linux Kernel 2.6.21.7

  • Linux Kernel 2.6.22

  • Linux Kernel 2.6.22.10

  • Linux Kernel 2.6.22.11

  • Linux Kernel 2.6.22.12

  • Linux Kernel 2.6.22.13

  • Linux Kernel 2.6.22.14

  • Linux Kernel 2.6.22.15

  • Linux Kernel 2.6.22.17

  • Linux Kernel 2.6.22.18

  • Linux Kernel 2.6.22.19

  • Linux Kernel 2.6.22.2

  • Linux Kernel 2.6.22.20

  • Linux Kernel 2.6.22.21

  • Linux Kernel 2.6.22.22

  • Linux Kernel 2.6.22.8

  • Linux Kernel 2.6.22.9

  • Linux Kernel 2.6.23

  • Linux Kernel 2.6.23.10

  • Linux Kernel 2.6.23.11

  • Linux Kernel 2.6.23.12

  • Linux Kernel 2.6.23.13

  • Linux Kernel 2.6.23.15

  • Linux Kernel 2.6.23.16

  • Linux Kernel 2.6.23.17

  • Linux Kernel 2.6.23.8

  • Linux Kernel 2.6.23.9

  • Linux Kernel 2.6.24

  • Linux Kernel 2.6.24.1

  • Linux Kernel 2.6.24.2

  • Linux Kernel 2.6.24.3

  • Linux Kernel 2.6.24.4

  • Linux Kernel 2.6.24.5

  • Linux Kernel 2.6.24.6

  • Linux Kernel 2.6.24.7

  • Linux Kernel 2.6.25

  • Linux Kernel 2.6.25.1

  • Linux Kernel 2.6.25.10

  • Linux Kernel 2.6.25.11

  • Linux Kernel 2.6.25.12

  • Linux Kernel 2.6.25.13

  • Linux Kernel 2.6.25.14

  • Linux Kernel 2.6.25.15

  • Linux Kernel 2.6.25.2

  • Linux Kernel 2.6.25.3

  • Linux Kernel 2.6.25.4

  • Linux Kernel 2.6.25.5

  • Linux Kernel 2.6.25.6

  • Linux Kernel 2.6.25.7

  • Linux Kernel 2.6.25.8

  • Linux Kernel 2.6.25.9


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=461101

XF - linux-kernel-nfsv4-bo(45055)

UBUNTU - USN-659-1

BID - 31133

REDHAT - RHSA-2008:0857

MLIST - [oss-security] 20080904 CVE request: kernel: nfsd: fix buffer overrun decoding NFSv4 acl

MLIST - [oss-security] 20080904 Re: CVE request: kernel: nfsd: fix buffer overrun decoding NFSv4 acl

CONFIRM - http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4

DEBIAN - DSA-1636

SECUNIA - 32393

SECUNIA - 32190

SECUNIA - 31881

MLIST - [linux-kernel] 20080903 [patch 05/16] nfsd: fix buffer overrun decoding NFSv4 acl

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=91b80969ba466ba4b915a4a1d03add8c297add3f


Last Updated: 27 May 2016 10:57:29