Lucene search

K
ubuntucveUbuntu.comUB:CVE-2009-1072
HistoryMar 25, 2009 - 12:00 a.m.

CVE-2009-1072

2009-03-2500:00:00
ubuntu.com
ubuntu.com
11

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:C/A:N

0.969 High

EPSS

Percentile

99.7%

nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD
capability before handling a user request in a thread, which allows local
users to create device nodes, as demonstrated on a filesystem that has been
exported with the root_squash option.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlinux< 2.6.24-24.55UNKNOWN
ubuntu8.10noarchlinux< 2.6.27-14.35UNKNOWN
ubuntu9.04noarchlinux< 2.6.28-13.45UNKNOWN
ubuntu6.06noarchlinux-source-2.6.15< 2.6.15-54.77UNKNOWN

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:C/A:N

0.969 High

EPSS

Percentile

99.7%

Related for UB:CVE-2009-1072