• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Linux nfsd Remote Buffer Overflow Vulnerability

A remotely exploitable buffer overflow vulnerability was found in versions of Linux nfsd known to ship with Debian Linux 2.1 and RedHat Linux 5.2. When they were fixed in the respective distributions/versions, no vulnerability information was published by the vendors. The vulnerability was in removal of long directory paths on a mounted nfs share. The length of the string holding the directory name which was to be removed was not checked and the buffer holding it could be overflowed, allowing execution of arbitrary code on the nfs server as root. A consequence of this being exploited is remote root compromise.