Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1739

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1739
Last Modified 31 May 2011 12:00:00
Published 03 May 2011 04:55:12
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1739

Summary

The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request.

Vulnerable Systems

Operating System

  • Freebsd 7.4

  • Freebsd 8.0

  • Freebsd 8.1

  • Freebsd 8.2


References

XF - freebsd-mountd-security-bypass(66981)

VUPEN - ADV-2011-1076

BID - 47517

SECTRACK - 1025425

FREEBSD - FreeBSD-SA-11:01

SECUNIA - 44307


Last Updated: 27 May 2016 10:56:25