Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FreeBSD mountd makemask函数输入验证漏洞
Vulnerability Description
FreeBSD是由Core Team团队负责的FreeBSD项目中的一套类Unix自由操作系统,是经过BSD、386BSD和4.4BSD发展而来的类Unix的一个重要分支。 FreeBSD 7.4至8.2版本的mountd中的makemask函数中存在输入验证漏洞。在使用具有prefix长度的CIDR概念处理“-network”定义时产生的错误导致此漏洞,该prefix长度是在解析输出表单时产生的。攻击者可以借助NFS mount请求,通过使用错误网络mask强制执行ACL限制。
CVSS Information
N/A
Vulnerability Type
N/A