NFS: FreeBSD NFS Server nfsm_advance Denial-of-Service

This signature detects attempts to exploit a known vulnerability in the NFS Server component of FreeBSD. A successful attack can result in a denial-of-service condition.

Extended Description

In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error can occur when handling the client address length field in an NFSv4 request. Unprivileged remote users with access to the NFS server can crash the system by sending a specially crafted NFSv4 request.

Affected Products

Freebsd freebsd

References

CVE: CVE-2018-17158

Short Name
NFS:FREEBSD-NFSM-ADV-DOS
Severity
Major
Recommended
True
Recommended Action
None
Category
NFS
Keywords
CVE-2018-17158 Denial-of-Service FreeBSD NFS Server nfsm_advance
Release Date
06/20/2019
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3427
Port
TCP/2049
False Positive
Rarely
Vendors

Freebsd

CVSS Score

7.8
