Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2015-3202
HistoryJul 02, 2015 - 9:59 p.m.

CVE-2015-3202

2015-07-0221:59:03
Debian Security Bug Tracker
security-tracker.debian.org
14

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

EPSS

0

Percentile

0.4%

fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount’s debugging feature.

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

EPSS

0

Percentile

0.4%