Back to search
CVE-2013-4851
Published: Jul 28, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The vfs_hang_addrlist function in sys/kern/vfs_export.c in the NFS server implementation in the kernel in FreeBSD 8.3 and 9.x through 9.1-RELEASE-p5 controls authorization for host/subnet export entries on the basis of group information sent by the client, which allows remote attackers to bypass file permissions on NFS filesystems via crafted requests.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://svnweb.freebsd.org/base?view=revision&revision=244226
x_refsource_CONFIRM
FreeBSD-SA-13:08
vendor-advisory
x_refsource_FREEBSD
61484
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now