CVE-2010-0318

Severity

69%

Complexity

34%

Confidentiality

165%

The replay functionality for ZFS Intent Log (ZIL) in FreeBSD 7.1, 7.2, and 8.0, when creating files during replay of a setattr transaction, uses 7777 permissions instead of the original permissions, which might allow local users to read or modify unauthorized files in opportunistic circumstances after a system crash or power failure.

The replay functionality for ZFS Intent Log (ZIL) in FreeBSD 7.1, 7.2, and 8.0, when creating files during replay of a setattr transaction, uses 7777 permissions instead of the original permissions, which might allow local users to read or modify unauthorized files in opportunistic circumstances after a system crash or power failure.

CVSS 2.0 Base Score 6.9. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:C/I:C/A:C).

Overview

Type

FreeBSD

First reported 15 years ago

2010-01-15 18:30:00

Last updated 13 years ago

2011-08-08 04:00:00

Affected Software

FreeBSD 7.1

7.1

FreeBSD 7.2

7.2

FreeBSD 8.0

8.0

References

38124

Vendor Advisory

FreeBSD-SA-10:03

Patch, Vendor Advisory

37657

1023407

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.