Improper Handling of CIDR Blocks in mountd Allows Access Bypass
CVE-2011-1739 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request.
Learn more about our Network Penetration Testing.