The makemask function in mountd.c in mountd in FreeBSD 7.4 up to and including 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote malicious users to bypass intended access restrictions in opportunistic circumstances via an NFS mount request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freebsd freebsd 7.4 |
||
freebsd freebsd 8.0 |
||
freebsd freebsd 8.1 |
||
freebsd freebsd 8.2 |