QwikSec

Security Database

CVE

CWE

Training

CVE-2011-1749

Published: Feb 26, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/show_bug.cgi?id=697975

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

http://sourceforge.net/projects/nfs/files/nfs-utils/1.2.4/Changelog-nfs-utils-1.2.4/download

x_refsource_CONFIRM

[oss-security] 20140425 Re: CVE request: CVE-2011-1089-like flaw in mount.nfs

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.