Vulnerability Details CVE-2011-1739
The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.8%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/44307
- http://security.FreeBSD.org/advisories/FreeBSD-SA-11:01.mountd.asc
- http://securitytracker.com/id?1025425
- http://www.securityfocus.com/bid/47517
- http://www.vupen.com/english/advisories/2011/1076
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66981
- http://secunia.com/advisories/44307
- http://security.FreeBSD.org/advisories/FreeBSD-SA-11:01.mountd.asc
- http://securitytracker.com/id?1025425
- http://www.securityfocus.com/bid/47517
- http://www.vupen.com/english/advisories/2011/1076
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66981