Lucene search
HistorySep 23, 2013 - 8:55 p.m.
CVE-2013-5710
3.7 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The nullfs implementation in sys/fs/nullfs/null_vnops.c in the kernel in FreeBSD 8.3 through 9.2 allows local users with certain permissions to bypass access restrictions via a hardlink in a nullfs instance to a file in a different instance.
Affected configurations
Node
freebsdfreebsdMatch8.0
ORfreebsdfreebsdMatch8.3
ORfreebsdfreebsdMatch8.4
ORfreebsdfreebsdMatch9.0
ORfreebsdfreebsdMatch9.1
ORfreebsdfreebsdMatch9.2
Related
cve
cve
CVE-2013-5710
2013-09-23 20:55:07
freebsd
freebsd
FreeBSD -- Cross-mount links between nullfs(5) mounts
2013-09-10 00:00:00
cvelist
cvelist
CVE-2013-5710
2013-09-23 20:00:00
nessus
nessus
freebsd_advisory
freebsd_advisory
FreeBSD-SA-13:13.nullfs
2013-09-10 00:00:00
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-13:13.nullfs
2013-09-11 00:00:00
FreeBSD multiple security vulnerabilities
2013-09-11 00:00:00
prion
prion
Design/Logic Flaw
2013-09-23 20:55:00
openvas
openvas
Debian Security Advisory DSA 2769-1 (kfreebsd-9 - privilege escalation/denial of service)
2013-10-08 00:00:00
Debian: Security Advisory (DSA-2769-1)
2013-10-07 00:00:00
osv
osv
kfreebsd-9 - several
2013-10-08 00:00:00
debian
debian
[SECURITY] [DSA-2769-1] kfreebsd-9 security update
2013-10-08 14:20:48
[SECURITY] [DSA-2769-1] kfreebsd-9 security update
2013-10-08 14:20:48
3.7 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for NVD:CVE-2013-5710