FreeBSD : FreeBSD -- Cross-mount links between nullfs(5) mounts (b72bad1c-20ed-11e3-be06-000c29ee3065)

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Problem Description :

The nullfs(5) implementation of the VOP_LINK(9) VFS operation does not
check whether the source and target of the link are both in the same
nullfs instance. It is therefore possible to create a hardlink from a
location in one nullfs instance to a file in another, as long as the
underlying (source) filesystem is the same.

Impact :

If multiple nullfs views into the same filesystem are mounted in
different locations, a user with read access to one of these views and
write access to another will be able to create a hard link from the
latter to a file in the former, even though they are, from the user's
perspective, different filesystems. The user may thereby gain write
access to files which are nominally on a read-only filesystem.
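
Added example (not part of the Nessus plugin or the FreeBSD advisory): a host audit that lists every read-only nullfs view sharing an underlying filesystem with a writable nullfs view, which is the mount layout the impact statement describes. It assumes input in the fstab format printed by `mount -p` and treats the `ro` mount option as the marker of the read-only view; the function names and the sample mount table are constructed for illustration.

```python
import posixpath

# Constructed sample of `mount -p` (fstab-format) output; not taken from the advisory.
SAMPLE = """\
/dev/ada0p2 / ufs rw 1 1
/dev/ada0p3 /data ufs rw 2 2
/data/www /jails/web/www nullfs ro 0 0
/data/www /jails/build/www nullfs rw 0 0
/data/logs /jails/web/logs nullfs rw 0 0
/usr/ports /jails/build/ports nullfs ro 0 0
"""

def parse_mounts(text):
    """Return (source, mountpoint, fstype, set_of_options) for each mount line."""
    mounts = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4 and not line.startswith("#"):
            mounts.append((fields[0], fields[1], fields[2], set(fields[3].split(","))))
    return mounts

def backing_fs(path, mounts):
    """Map a nullfs source directory to the non-nullfs mount that contains it."""
    real = [m for _, m, t, _ in mounts if t != "nullfs"
            and (m == "/" or path == m or path.startswith(m.rstrip("/") + "/"))]
    return max(real, key=len, default=None)  # longest matching mount point wins

def exposed_views(text):
    """Pair each read-only nullfs view with writable views of the same filesystem."""
    mounts = parse_mounts(text)
    by_fs = {}
    for src, mnt, fstype, opts in mounts:
        if fstype == "nullfs":
            fs = backing_fs(posixpath.normpath(src), mounts)
            by_fs.setdefault(fs, []).append((mnt, "ro" in opts))
    findings = []
    for fs, views in by_fs.items():
        ro = [m for m, is_ro in views if is_ro]
        rw = [m for m, is_ro in views if not is_ro]
        findings += [(fs, r, w) for r in ro for w in rw]
    return sorted(findings)

if __name__ == "__main__":
    for fs, ro, rw in exposed_views(SAMPLE):
        print(f"{fs}: read-only view {ro} shares a filesystem with writable view {rw}")
```

Each reported pair is a layout to review on hosts that have not yet been updated; the script does not account for nullfs mounts stacked on other nullfs mounts.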

See also :

http://www.nessus.org/u?c9edadb6

Solution :

Update the affected packages.

Risk factor :

Low / CVSS Base Score : 3.7
(CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 3.2
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 70263

Bugtraq ID: 62303

CVE ID: CVE-2013-5710
