Vulnerabilities > CVE-2013-20001 - Unspecified vulnerability in Openzfs
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
An issue was discovered in OpenZFS through 2.0.3. When an NFS share is exported to IPv6 addresses via the sharenfs feature, there is a silent failure to parse the IPv6 address data, and access is allowed to everyone. IPv6 restrictions from the configuration are not applied.
Vulnerable Configurations
References
- https://github.com/openzfs/zfs/issues/1894#issuecomment-30693652
- https://github.com/openzfs/zfs/issues/1894#issuecomment-30693652
- https://github.com/openzfs/zfs/releases
- https://github.com/openzfs/zfs/releases
- https://lists.debian.org/debian-lts-announce/2024/03/msg00019.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00019.html