CVE-2013-3266
Publication date 2 May 2013
Last updated 24 July 2024
Ubuntu priority
The nfsrvd_readdir function in sys/fs/nfsserver/nfs_nfsdport.c in the new NFS server in FreeBSD 8.0 through 9.1-RELEASE-p3 does not verify that a READDIR request is for a directory node, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by specifying a plain file instead of a directory.
Status
Package | Ubuntu Release | Status |
---|---|---|
kfreebsd-8 | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
11.10 oneiric | Not in release | |
10.04 LTS lucid | Ignored end of life | |
8.04 LTS hardy | Not in release |
Patch details
Package | Patch details |
---|---|
kfreebsd-8 |