Lucene search

K

[email protected]NVD:CVE-2011-1749

HistoryFeb 26, 2014 - 3:55 p.m.

CVE-2011-1749

2014-02-2615:55:06

CWE-20

[email protected]

web.nvd.nist.gov

1

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

8.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

Affected configurations

NVD

Node

linux-nfsnfs-utilsRange≤1.2.3

OR

linux-nfsnfs-utilsMatch1.2.0

OR

linux-nfsnfs-utilsMatch1.2.1

OR

linux-nfsnfs-utilsMatch1.2.2

References

rhn.redhat.com/errata/RHSA-2011-1534.html

rhn.redhat.com/errata/RHSA-2012-0310.html

sourceforge.net/projects/nfs/files/nfs-utils/1.2.4/Changelog-nfs-utils-1.2.4/download

www.openwall.com/lists/oss-security/2011/04/25/5

bugzilla.redhat.com/show_bug.cgi?id=697975

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

8.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

Related for NVD:CVE-2011-1749

prion6 cve6 cvelist6 ubuntucve6 debiancve5 nessus45 openvas38 oraclelinux5 redhat6 veracode2 nvd5 centos2 securityvulns4 gentoo1 ubuntu1 vmware4