Description
The vfs_hang_addrlist function in sys/kern/vfs_export.c in the NFS server implementation in the kernel in FreeBSD 8.3 and 9.x through 9.1-RELEASE-p5 controls authorization for host/subnet export entries on the basis of group information sent by the client, which allows remote attackers to bypass file permissions on NFS filesystems via crafted requests.
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
x_refsource_freebsd
http://www.freebsd.org/security/advisories/FreeBSD-SA-13:08.nfsserver.asc
Various Sources x_refsource_confirm
http://svnweb.freebsd.org/base?view=revision&revision=244226
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/61484
Scores
EPSS
0.0021
EPSS Percentile
42.8%
Details
CWE
CWE-264
Status
published
Products (3)
freebsd/freebsd
8.3
freebsd/freebsd
9.0
freebsd/freebsd
9.1 (3 CPE variants)
Published
Jul 29, 2013
Tracked Since
Feb 18, 2026