Re: FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver [REVISE

Board: FB_security, posted 2013/04/30 07:01
On Apr 29, 2013, at 4:56 PM, FreeBSD Security Advisories <security-advisories@freebsd.org> wrote:

> II. Problem Description
>
> When processing READDIR requests, the NFS server does not check that
> it is in fact operating on a directory node. An attacker can use a
> specially modified NFS client to submit a READDIR request on a file,
> causing the underlying filesystem to interpret that file as a
> directory.

Can someone clarify if this is exploitable only from hosts/networks allowed in /etc/exports? i.e. if exports would not allow an attacker to mount a filesystem, would they still be able to exploit this?

I'm guessing not, but I would have expected "lock down your nfs exports" to be suggested.

--
Kevin

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
Article ID (AID): #1HVlkkEk (FB_security)