Local Privilege Escalation via nfs_addmntent Function in nfs-utils

Local Privilege Escalation via nfs_addmntent Function in nfs-utils

CVE-2011-1749 · LOW Severity

AV:L/AC:M/AU:N/C:N/I:P/A:P

The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

Learn more about our User Device Pen Test.