6.6 Medium
AI Score
Confidence
Low
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-10:06.nfsclient.asc
# SPDX-FileCopyrightText: 2010 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.67507");
script_version("2023-07-26T05:05:09+0000");
script_tag(name:"last_modification", value:"2023-07-26 05:05:09 +0000 (Wed, 26 Jul 2023)");
script_tag(name:"creation_date", value:"2010-06-03 22:55:24 +0200 (Thu, 03 Jun 2010)");
script_tag(name:"cvss_base", value:"6.9");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
script_cve_id("CVE-2010-2020");
script_name("FreeBSD Security Advisory (FreeBSD-SA-10:06.nfsclient.asc)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2010 E-Soft Inc.");
script_family("FreeBSD Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/freebsd", "ssh/login/freebsdpatchlevel");
script_tag(name:"insight", value:"The Network File System (NFS) allows a host to export some or all of its
file systems so that other hosts can access them over the network and mount
them as if they were on local disks. FreeBSD includes server and client
implementations of NFS.
The NFS client subsystem fails to correctly validate the length of a
parameter provided by the user when a filesystem is mounted.");
script_tag(name:"solution", value:"Upgrade your system to the appropriate stable release
or security branch dated after the correction date.");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-10:06.nfsclient.asc");
script_tag(name:"summary", value:"The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-10:06.nfsclient.asc");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-bsd.inc");
vuln = FALSE;
if(patchlevelcmp(rel:"8.0", patchlevel:"3")<0) {
vuln = TRUE;
}
if(patchlevelcmp(rel:"7.3", patchlevel:"1")<0) {
vuln = TRUE;
}
if(patchlevelcmp(rel:"7.2", patchlevel:"8")<0) {
vuln = TRUE;
}
if(vuln) {
security_message(port:0);
} else if (__pkg_match) {
exit(99);
}