3 matches found
FreeBSD Security Advisory (FreeBSD-SA-10:06.nfsclient.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-10:06.nfsclient.asc SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2010-2020
sys/nfsclient/nfsvfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, when vfs.usermount is enabled, does not validate the length of a certain fhsize parameter, which allows local users to gain privileges via a crafted mount request...
CVE-2010-2020
CVE-2010-2020 affects the FreeBSD NFS client (nfs_vfsops.c). In FreeBSD 7.2–8.1-PRERELEASE, when vfs.usermount is enabled, the code fails to validate args.fhsize, enabling unprivileged local users to escalate privileges via crafted mount requests. Two related issues exist: an unbounded copy of fh...