Summary
The remote host is missing a system update announced in the referenced advisory FreeBSD-SA-08:08.nmount.asc.
Solution
Upgrade your system to the appropriate stable release or security branch dated after the correction date.
https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-08:08.nmount.asc
Insight
The mount(2) and nmount(2) system calls are used by various utilities in the base system to graft a file system object onto the file system tree at a given mount point. Unprivileged users can be allowed to use these system calls by setting the vfs.usermount sysctl(8) variable.
Various user-defined inputs, such as mount points, devices, and mount options, are prepared and passed into the kernel as arguments to nmount(2). Under certain error conditions, user-defined data is copied into a stack-allocated buffer in the kernel without sufficient bounds checking.
Severity
Classification
CVE: CVE-2008-3531
CVSS Base Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities