Vulnerability Description
The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Freebsd | Freebsd | 7.4 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/44307Vendor Advisory
- http://security.FreeBSD.org/advisories/FreeBSD-SA-11:01.mountd.asc
- http://securitytracker.com/id?1025425
- http://www.securityfocus.com/bid/47517
- http://www.vupen.com/english/advisories/2011/1076Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66981
- http://secunia.com/advisories/44307Vendor Advisory
- http://security.FreeBSD.org/advisories/FreeBSD-SA-11:01.mountd.asc
- http://securitytracker.com/id?1025425
- http://www.securityfocus.com/bid/47517
- http://www.vupen.com/english/advisories/2011/1076Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66981
FAQ
What is CVE-2011-1739?
CVE-2011-1739 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, whic...
How severe is CVE-2011-1739?
CVE-2011-1739 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1739?
Check the references section above for vendor advisories and patch information. Affected products include: Freebsd Freebsd.