CVE-2011-4131

Scores

EPSS

0.004very_low0.4%

0%20%40%60%80%100%

Percentile: 0.4%

CVSS

4.6medium2.0

0246810

CVSS Score: 4.6/10

All CVSS Scores

CVSS 2.0

4.6

Vector: AV:A/AC:H/Au:N/C:N/I:N/A:C

Description

The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.

Learn more about Scaner-VS 7

Sources

debiannvdredhatubuntu

CWEs

CWE-189

Related Vulnerabilities

BDU:2015-05303 BDU:2015-05304 BDU:2015-05305 BDU:2015-05306 BDU:2015-05307 BDU:2015-05308 BDU:2015-05309 BDU:2015-05310 BDU:2015-05311 BDU:2015-05312 BDU:2015-05313 BDU:2015-05314 BDU:2015-05315

Exploits

Exploit ID: 24459

Source: exploitdb

URL: https://www.exploit-db.com/exploits/24459

Exploit ID: 25444

Source: exploitdb

URL: https://www.exploit-db.com/exploits/25444

Exploit ID: 26131

Source: exploitdb

URL: https://www.exploit-db.com/exploits/26131

Exploit ID: 33589

Source: exploitdb

URL: https://www.exploit-db.com/exploits/33589

Exploit ID: 38465

Source: exploitdb

URL: https://www.exploit-db.com/exploits/38465

Exploit ID: CVE-2013-2094

Source: github-poc

URL: https://github.com/letsr00t/CVE-2013-2094

Vulnerable Software (15)

Type: Configuration

Product: kernel

Operating System: rhel 6

Trait:

{  "fixed": "2.6.32-279.el6"}

Source: redhat

Type: Configuration

Product: kernel

Operating System: rhel 6.2

Trait:

{  "fixed": "2.6.32-220.30.1.el6"}

Source: redhat

Type: Configuration

Product: kernel-rt

Operating System: rhel

Trait:

{  "fixed": "3.0.18-rt34.53.el6rt"}

Source: redhat

Type: Configuration

Product: linux

Operating System: debian

Trait:

{  "fixed": "3.2.9-1"}

Source: debian

Type: Configuration

Product: linux

Operating System: ubuntu hardy 8.04

Trait:

{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: linux

Operating System: ubuntu trusty 14.04

Trait:

{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-2.6

Operating System: debian

Trait:

{  "unfixed": true}

Source: debian

Type: Configuration

Product: linux-2.6

Operating System: debian squeeze 6

Trait:

{  "unfixed": true}

Source: debian

Type: Configuration

Product: linux-flo

Operating System: ubuntu trusty 14.04

Trait:

{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-goldfish

Operating System: ubuntu trusty 14.04

Trait:

{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-grouper

Operating System: ubuntu trusty 14.04

Trait:

{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: linux-maguro

Operating System: ubuntu trusty 14.04

Trait:

{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: linux-mako

Operating System: ubuntu trusty 14.04

Trait:

{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-manta

Operating System: ubuntu trusty 14.04

Trait:

{  "unaffected": true}

Source: ubuntu

Type: Configuration

Vendor: *

Product: linux_kernel

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*",...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

End of list

Russian Vulnerability Scanner Database

CVE-2011-4131

Scores

EPSS

CVSS

All CVSS Scores

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact

Description

Scaner-VS 7 — a modern vulnerability management solution

Sources

CWEs

Related Vulnerabilities

Exploits

Vulnerable Software (15)