Date: Mon, 13 Nov 2006 20:12:30 -0500 From: Bill Moran <wmoran@collaborativefusion.com> To: questions@freebsd.org Subject: FreeBSD UFS "vulnerability": Is NIST off its medication, or am I missing something? Message-ID: <20061113201230.bbb9d35d.wmoran@collaborativefusion.com>
next in thread | raw e-mail | index | archive | help
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5824 Following the links around, it seems that you would have to mount a "corrupt" or "malicious" filesystem in order to exploit this "vulnerability". Yes, NIST claims there is no authentication required to exploit? Are new versions of FreeBSD suddenly allowing unauthenticated users to mount filesystems by default? If so, something's wrong with my 6.1 workstation! It seems like this is the 2nd or 3rd "vulnerability" I've seen that's been blown out of proportion by NIST, or am I missing something?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061113201230.bbb9d35d.wmoran>