nfsd in the Linux kernel prior to 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
opensuse opensuse 11.1 |
||
opensuse opensuse 11.0 |
||
opensuse opensuse 10.3 |
||
suse linux enterprise server 10 |
||
suse linux enterprise desktop 10 |
||
debian debian linux 5.0 |
||
debian debian linux 4.0 |
||
canonical ubuntu linux 9.04 |
||
canonical ubuntu linux 8.10 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 6.06 |
||
vmware vcenter_server 4.0 |
||
vmware virtualcenter 2.0.2 |
||
vmware virtualcenter 2.5 |
||
vmware server 2.0.0 |
||
vmware esx 3.5 |
||
vmware esx 4.0 |
||
vmware esx 3.0.3 |
||
vmware vma 4.0 |