Vulnerability   
Search   
    Search 191973 CVE descriptions
and 86218 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.702769
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2769-1 (kfreebsd-9 - privilege escalation/denial of service)
Summary:Several vulnerabilities have been discovered in the FreeBSD kernel that may;lead to a denial of service or privilege escalation. The Common;Vulnerabilities and Exposures project identifies the following problems:;;CVE-2013-5691;Loganaden Velvindron and Gleb Smirnoff discovered that the SIOCSIFADDR,;SIOCSIFBRDADDR, SIOCSIFDSTADDR and SIOCSIFNETMASK ioctl requests do not;perform input validation or verify the caller's credentials.;Unprivileged user with the ability to run arbitrary code can cause any;network interface in the system to perform the link layer actions;associated with the above ioctl requests or trigger a kernel panic by;passing a specially crafted address structure which causes a network;interface driver to dereference an invalid pointer.;;CVE-2013-5710;Konstantin Belousov discovered that the nullfs(5) implementation of the;VOP_LINK(9) VFS operation does not check whether the source and target of;the link are both in the same nullfs instance. It is therefore possible to;create a hardlink from a location in one nullfs instance to a file in;another, as long as the underlying (source) filesystem is the same. If;multiple nullfs views into the same filesystem are mounted in different;locations, a user may gain write access to files which are nominally on;a read-only filesystem.
Description:Summary:
Several vulnerabilities have been discovered in the FreeBSD kernel that may
lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2013-5691
Loganaden Velvindron and Gleb Smirnoff discovered that the SIOCSIFADDR,
SIOCSIFBRDADDR, SIOCSIFDSTADDR and SIOCSIFNETMASK ioctl requests do not
perform input validation or verify the caller's credentials.
Unprivileged user with the ability to run arbitrary code can cause any
network interface in the system to perform the link layer actions
associated with the above ioctl requests or trigger a kernel panic by
passing a specially crafted address structure which causes a network
interface driver to dereference an invalid pointer.

CVE-2013-5710
Konstantin Belousov discovered that the nullfs(5) implementation of the
VOP_LINK(9) VFS operation does not check whether the source and target of
the link are both in the same nullfs instance. It is therefore possible to
create a hardlink from a location in one nullfs instance to a file in
another, as long as the underlying (source) filesystem is the same. If
multiple nullfs views into the same filesystem are mounted in different
locations, a user may gain write access to files which are nominally on
a read-only filesystem.

Affected Software/OS:
kfreebsd-9 on Debian Linux

Solution:
For the stable distribution (wheezy), these problems have been fixed in
version 9.0-10+deb70.4.

We recommend that you upgrade your kfreebsd-9 packages.

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-5710
Debian Security Information: DSA-2769 (Google Search)
http://www.debian.org/security/2013/dsa-2769
FreeBSD Security Advisory: FreeBSD-SA-13:12
http://www.freebsd.org/security/advisories/FreeBSD-SA-13:13.nullfs.asc
http://www.securitytracker.com/id/1029015
http://secunia.com/advisories/54861
Common Vulnerability Exposure (CVE) ID: CVE-2013-5691
http://www.freebsd.org/security/advisories/FreeBSD-SA-13:12.ifioctl.asc
CopyrightCopyright (C) 2013 Greenbone Networks GmbH http://greenbone.net

This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.