SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (UNIX)  >   Nfs Vendors:   OpenBSD
OpenBSD nfs Kernel Buffer Overflow Lets Local Users Execute Arbitrary Code in Kernel Mode
SecurityTracker Alert ID:  1002328
SecurityTracker URL:  http://securitytracker.com/id/1002328
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Sep 6 2001
Impact:   Execution of arbitrary code via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   OpenBSD reported a vulnerability in their NFS mount code that allows a local user to execute arbitrary code in kernel mode.

Only users with mount privileges can trigger the vulnerability, which is limited to root level users in default installations.

Impact:   A local user with access to the mount(2) utility can execute arbitrary code in kernel mode.
Solution:   The vendor has released a patch:

ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.9/common/012_nfs.patch

Vendor URL:  www.openbsd.org/errata.html#nfs (Links to External Site)
Cause:   Boundary error
Underlying OS:  UNIX (OpenBSD)

Message History:   None.


 Source Message Contents

Subject:  OpenBSD NFS Kernel Flaw


>From web site: http://www.openbsd.org/errata.html#nfs

012: SECURITY FIX: July 30, 2001

A kernel buffer overflow exists in the NFS mount code. An attacker may
use this overflow to execute arbitrary code in kernel mode. However,
only users with mount(2) privileges can initiate this attack. In default
installs, only super-user has mount privileges. The kern.usermount
sysctl(3) controls whether other users have mount privileges.  A source
code patch
(ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.9/common/012_nfs.patch)
exists which remedies the problem.


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC