Vulnerability CVE-2005-3623: Information

Description

nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems.

Severity: MEDIUM (5.0)

URL: https://nvd.nist.gov/vuln/detail/CVE-2005-3623
Published: Dec. 31, 2005
Modified: Feb. 2, 2024
Error type identifier: CWE-862

References to Advisories, Solutions, and Tools

Hyperlink
Resource
http://lkml.org/lkml/2005/12/23/171
  • Mailing List
  • Patch
SUSE-SA:2006:006
  • Broken Link
  • Vendor Advisory
18788
  • Broken Link
  • Patch
  • Vendor Advisory
SUSE-SA:2006:012
  • Broken Link
  • Patch
19038
  • Broken Link
  • Patch
  • Vendor Advisory
16570
  • Broken Link
  • Third Party Advisory
  • VDB Entry
RHSA-2006:0575
  • Broken Link
21465
  • Broken Link
  • Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm
  • Third Party Advisory
22417
  • Broken Link
  • Vendor Advisory
oval:org.mitre.oval:def:11707
  • Broken Link

    1. Configuration 1

      cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.0
Back to top