Candidate: CVE-2005-3623
References:
 http://permalink.gmane.org/gmane.linux.kernel/360868
Description:
 We must check for MAY_SATTR before setting acls, which includes
 checking for read-only exports: the lower-level setxattr operation
 that eventually sets the acl cannot check export-level restrictions.
Notes:
 jmm> NFS ACLs were only introduced somewhere between 2.6.12-2.6.14, so
 jmm> Sarge and Woody are not vulnerable
Bugs:
upstream: released (2.6.14.5), released (2.6.15-pre7)
linux-2.6: released (2.6.14-7)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
2.4.17-woody-security: N/A
2.4.16-woody-security: N/A
2.4.17-woody-security-hppa: N/A
2.4.17-woody-security-ia64: N/A