NFS Filesystem ACL Bypass Vulnerability

NFS Filesystem ACL Bypass Vulnerability

CVE-2005-3623 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.