CVE-2018-17157

{"id": "CVE-2018-17157", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2018-12-04T15:29:00.247", "references": [{"url": "http://www.securityfocus.com/bid/106192", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secteam@freebsd.org"}, {"url": "http://www.securitytracker.com/id/1042164", "tags": ["Patch", "Third Party Advisory", "VDB Entry"], "source": "secteam@freebsd.org"}, {"url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-25/", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "https://security.freebsd.org/advisories/FreeBSD-SA-18:13.nfs.asc", "tags": ["Patch", "Vendor Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://www.securityfocus.com/bid/106192", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1042164", "tags": ["Patch", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-25/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.freebsd.org/advisories/FreeBSD-SA-18:13.nfs.asc", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error when handling opcodes can cause memory corruption by sending a specially crafted NFSv4 request. Unprivileged remote users with access to the NFS server may be able to execute arbitrary code."}, {"lang": "es", "value": "En FreeBSD, en versiones anteriores a la 11.2-STABLE(r340854) y la 11.2-RELEASE-p5, un error de desbordamiento de enteros al manejar opcodes puede provocar una corrupci\u00f3n de memoria mediante el env\u00edo de una petici\u00f3n NFSv4 especialmente manipulada. Los usuarios remotos sin privilegios con acceso al servidor NFS podr\u00edan ser capaces de ejecutar c\u00f3digo arbitrario."}], "lastModified": "2024-11-21T03:53:58.980", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7354D16-6431-43C2-97BA-EBBF482572C9", "versionEndExcluding": "11.2"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22365F7C-2B00-4B61-84E8-EFBA3B8CFDC0"}], "operator": "OR"}]}], "sourceIdentifier": "secteam@freebsd.org"}