Lucene search
HistoryMay 28, 2010 - 6:30 p.m.
CVE-2010-2020
nfs
freebsd
kernel
cve-2010-2020
privilege escalation
vulnerability
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
6.3 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
0.4%
sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, when vfs.usermount is enabled, does not validate the length of a certain fhsize parameter, which allows local users to gain privileges via a crafted mount request.
Affected configurations
Node
freebsdfreebsdMatch7.2
ORfreebsdfreebsdMatch7.2pre-release
ORfreebsdfreebsdMatch7.2stable
ORfreebsdfreebsdMatch8.0
ORfreebsdfreebsdMatch8.1-prerelease
| CPE | Name | Operator | Version |
|---|---|---|---|
| freebsd:freebsd | freebsd | eq | 7.2 |
| freebsd:freebsd | freebsd | eq | 8.0 |
| freebsd:freebsd | freebsd | eq | 8.1-prerelease |
Related
openvas
openvas
FreeBSD Security Advisory (FreeBSD-SA-10:06.nfsclient.asc)
2010-06-03 00:00:00
FreeBSD Security Advisory (FreeBSD-SA-10:06.nfsclient.asc)
2010-06-03 00:00:00
nvd
nvd
CVE-2010-2020
2010-05-28 18:30:01
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-10:06.nfsclient
2010-05-28 00:00:00
FreeBSD NFS client privilege escalation
2010-05-28 00:00:00
CVE-2010-2020: FreeBSD kernel NFS client local vulnerabilities
2010-05-28 00:00:00
cvelist
cvelist
CVE-2010-2020
2010-05-28 18:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-10:06.nfsclient
2010-05-27 00:00:00
prion
prion
Cross site request forgery (csrf)
2010-05-28 18:30:00
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
6.3 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
0.4%
Related for CVE-2010-2020