{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T22:19:22.023","vulnerabilities":[{"cve":{"id":"CVE-2018-17159","sourceIdentifier":"secteam@freebsd.org","published":"2018-12-04T15:29:00.353","lastModified":"2024-11-21T03:53:59.230","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, the NFS server lacks a bounds check in the READDIRPLUS NFS request. Unprivileged remote users with access to the NFS server can cause a resource exhaustion by forcing the server to allocate an arbitrarily large memory allocation."},{"lang":"es","value":"En FreeBSD, en versiones anteriores a la 11.2-STABLE(r340854) y la 11.2-RELEASE-p5, el servidor NFS carece de una comprobación de límites en la petición NFS READDIRPLUS. Los usuarios remotos sin privilegios con acceso al servidor NFS pueden provocar el agotamiento de recursos forzando al servidor a que asigne un fragmento de memoria de longitud arbitraria."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*","versionEndExcluding":"11.2","matchCriteriaId":"B7354D16-6431-43C2-97BA-EBBF482572C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p5:*:*:*:*:*:*","matchCriteriaId":"E86CD544-86C4-4D9D-9CE5-087027509EDA"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/106192","source":"secteam@freebsd.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1042164","source":"secteam@freebsd.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-24/","source":"secteam@freebsd.org","tags":["Third Party Advisory"]},{"url":"https://security.freebsd.org/advisories/FreeBSD-SA-18:13.nfs.asc","source":"secteam@freebsd.org","tags":["Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/106192","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1042164","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-24/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.freebsd.org/advisories/FreeBSD-SA-18:13.nfs.asc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}