Lucene search
FreeBSD7DBB7197-7B68-11DD-80BA-000BCDF0A03BHistorySep 03, 2008 - 12:00 a.m.
FreeBSD -- nmount(2) local arbitrary code execution
2008-09-0300:00:00
vuxml.freebsd.org
13
0.0004 Low
EPSS
Percentile
0.4%
Problem Description:
Various user defined input such as mount points, devices, and
mount options are prepared and passed as arguments to
nmount(2) into the kernel. Under certain error conditions,
user defined data will be copied into a stack allocated buffer
stored in the kernel without sufficient bounds checking.
Impact:
If the system is configured to allow unprivileged users to
mount file systems, it is possible for a local adversary to
exploit this vulnerability and execute code in the context of
the kernel.
Workaround:
It is possible to work around this issue by allowing only
privileged users to mount file systems by running the
following sysctl(8) command:
sysctl vfs.usermount=0
Related
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-08:08.nmount
2008-09-07 00:00:00
FreeBSD multiple security vulnerabilities
2009-07-03 00:00:00
seebug
seebug
FreeBSD 'mount(2)'和'nmount(2)'多个栈缓冲区溢出漏洞
2008-09-10 00:00:00
FreeBSD 7.0/7.1 vfs.usermount Local Privilege Escalation Exploit
2009-07-10 00:00:00
openvas
openvas
FreeBSD Security Advisory (FreeBSD-SA-08:08.nmount.asc)
2008-09-04 00:00:00
FreeBSD Security Advisory (FreeBSD-SA-08:08.nmount.asc)
2008-09-04 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-08:08.nmount
2008-09-03 00:00:00
exploitpack
exploitpack
FreeBSD 7.07.1 - vfs.usermount Local Privilege Escalation
2009-07-09 00:00:00
cvelist
cvelist
CVE-2008-3531
2008-09-05 16:00:00
cve
cve
CVE-2008-3531
2008-09-05 16:08:00
prion
prion
Stack overflow
2008-09-05 16:08:00
exploitdb
exploitdb
FreeBSD 7.0/7.1 - 'vfs.usermount' Local Privilege Escalation
2009-07-09 00:00:00