sharenfs 0.6.4, when built with commits bcdd594 and 7d08880 from the zfs repository, provides world readable access to the shared zfs file system, which might allow remote authenticated users to obtain sensitive information by reading shared files.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2015/04/22/4 | Mailing List VDB Entry |
http://www.securityfocus.com/bid/74272 | Third Party Advisory VDB Entry |
https://github.com/FransUrbo/zfs/commit/99aa4d2b4fd12c6bef62d02ffd1b375ddd42fcf4 | Patch Third Party Advisory |
https://github.com/zfsonlinux/zfs/issues/3319 | Third Party Advisory |
https://github.com/zfsonlinux/zfs/pull/2790/commits | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-10-18T15:00:00
Updated: 2017-10-18T14:57:01
Reserved: 2015-04-22T00:00:00
Link: CVE-2015-3400
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-10-18T15:29:00.423
Modified: 2017-11-08T13:03:08.917
Link: CVE-2015-3400
JSON object: View
Redhat Information
No data.
CWE