Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-2382.NASL
HistoryJan 12, 2012 - 12:00 a.m.

Debian DSA-2382-1 : ecryptfs-utils - multiple vulnerabilities

2012-01-1200:00:00
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.8%

JSON

Several problems have been discovered in eCryptfs, a cryptographic filesystem for Linux.

  • CVE-2011-1831 Vasiliy Kulikov of Openwall and Dan Rosenberg discovered that eCryptfs incorrectly validated permissions on the requested mountpoint. A local attacker could use this flaw to mount to arbitrary locations, leading to privilege escalation.

  • CVE-2011-1832 Vasiliy Kulikov of Openwall and Dan Rosenberg discovered that eCryptfs incorrectly validated permissions on the requested mountpoint. A local attacker could use this flaw to unmount to arbitrary locations, leading to a denial of service.

  • CVE-2011-1834 Dan Rosenberg and Marc Deslauriers discovered that eCryptfs incorrectly handled modifications to the mtab file when an error occurs. A local attacker could use this flaw to corrupt the mtab file, and possibly unmount arbitrary locations, leading to a denial of service.

  • CVE-2011-1835 Marc Deslauriers discovered that eCryptfs incorrectly handled keys when setting up an encrypted private directory. A local attacker could use this flaw to manipulate keys during creation of a new user.

  • CVE-2011-1837 Vasiliy Kulikov of Openwall discovered that eCryptfs incorrectly handled lock counters. A local attacker could use this flaw to possibly overwrite arbitrary files.

We acknowledge the work of the Ubuntu distribution in preparing patches suitable for near-direct inclusion in the Debian package.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-2382. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(57522);
  script_version("1.13");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2011-1831", "CVE-2011-1832", "CVE-2011-1834", "CVE-2011-1835", "CVE-2011-1837", "CVE-2011-3145");
  script_bugtraq_id(49108, 49287);
  script_xref(name:"DSA", value:"2382");

  script_name(english:"Debian DSA-2382-1 : ecryptfs-utils - multiple vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several problems have been discovered in eCryptfs, a cryptographic
filesystem for Linux.

  - CVE-2011-1831
    Vasiliy Kulikov of Openwall and Dan Rosenberg discovered
    that eCryptfs incorrectly validated permissions on the
    requested mountpoint. A local attacker could use this
    flaw to mount to arbitrary locations, leading to
    privilege escalation.

  - CVE-2011-1832
    Vasiliy Kulikov of Openwall and Dan Rosenberg discovered
    that eCryptfs incorrectly validated permissions on the
    requested mountpoint. A local attacker could use this
    flaw to unmount to arbitrary locations, leading to a
    denial of service.

  - CVE-2011-1834
    Dan Rosenberg and Marc Deslauriers discovered that
    eCryptfs incorrectly handled modifications to the mtab
    file when an error occurs. A local attacker could use
    this flaw to corrupt the mtab file, and possibly unmount
    arbitrary locations, leading to a denial of service.

  - CVE-2011-1835
    Marc Deslauriers discovered that eCryptfs incorrectly
    handled keys when setting up an encrypted private
    directory. A local attacker could use this flaw to
    manipulate keys during creation of a new user.

  - CVE-2011-1837
    Vasiliy Kulikov of Openwall discovered that eCryptfs
    incorrectly handled lock counters. A local attacker
    could use this flaw to possibly overwrite arbitrary
    files.

We acknowledge the work of the Ubuntu distribution in preparing
patches suitable for near-direct inclusion in the Debian package."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2011-1831"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2011-1832"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2011-1834"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2011-1835"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2011-1837"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/squeeze/ecryptfs-utils"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2012/dsa-2382"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the ecryptfs-utils packages.

For the oldstable distribution (lenny), these problems have been fixed
in version 68-1+lenny1.

For the stable distribution (squeeze), these problems have been fixed
in version 83-4+squeeze1."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:ecryptfs-utils");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/02/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/01/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/01/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"5.0", prefix:"ecryptfs-utils", reference:"68-1+lenny1")) flag++;
if (deb_check(release:"6.0", prefix:"ecryptfs-utils", reference:"83-4+squeeze1")) flag++;
if (deb_check(release:"6.0", prefix:"ecryptfs-utils-dbg", reference:"83-4+squeeze1")) flag++;
if (deb_check(release:"6.0", prefix:"libecryptfs-dev", reference:"83-4+squeeze1")) flag++;
if (deb_check(release:"6.0", prefix:"libecryptfs0", reference:"83-4+squeeze1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxecryptfs-utilsp-cpe:/a:debian:debian_linux:ecryptfs-utils
debiandebian_linux5.0cpe:/o:debian:debian_linux:5.0
debiandebian_linux6.0cpe:/o:debian:debian_linux:6.0

Related

openvas 26
osv 1
nessus 18
debian 1
oraclelinux 1
redhat 1
centos 1
suse 2
securityvulns 3
fedora 6
ubuntu 2
ubuntucve 6
debiancve 6
prion 6
veracode 6
cve 6
nvd 6
cvelist 6
openvas
openvas
Debian Security Advisory DSA 2382-1 (ecryptfs-utils)
2012-02-11 00:00:00
Debian: Security Advisory (DSA-2382-1)
2012-02-11 00:00:00
CentOS Update for ecryptfs-utils-75-5.el5_ CESA-2011:1241 centos5 i386
2011-09-23 00:00:00
osv
osv
ecryptfs-utils - multiple
2012-01-07 00:00:00
nessus
nessus
RHEL 5 / 6 : ecryptfs-utils (RHSA-2011:1241)
2011-09-01 00:00:00
Oracle Linux 5 / 6 : ecryptfs-utils (ELSA-2011-1241)
2013-07-12 00:00:00
CentOS 5 : ecryptfs-utils (CESA-2011:1241)
2011-09-23 00:00:00
debian
debian
[SECURITY] [DSA 2382-1] ecryptfs-utils security update
2012-01-07 18:48:38
oraclelinux
oraclelinux
ecryptfs-utils security update
2011-08-31 00:00:00
redhat
redhat
(RHSA-2011:1241) Moderate: ecryptfs-utils security update
2011-08-31 00:00:00
centos
centos
ecryptfs security update
2011-09-01 16:11:04
suse
suse
ecryptfs-utils: Update to fix various symlink race attacks (important)
2011-08-12 21:08:14
Security update for ecryptfs-utils (important)
2011-08-12 06:08:16
securityvulns
securityvulns
eCryptfs multiple security vulnerabilities
2011-08-24 00:00:00
[USN-1188-1] eCryptfs vulnerabilities
2011-08-11 00:00:00
[USN-1196-1] eCryptfs vulnerability
2011-08-24 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: ecryptfs-utils-90-1.fc15
2011-09-02 05:25:53
[SECURITY] Fedora 14 Update: ecryptfs-utils-90-1.fc14
2011-09-02 05:31:16
[SECURITY] Fedora 15 Update: ecryptfs-utils-90-2.fc15
2011-09-14 22:33:52
ubuntu
ubuntu
eCryptfs vulnerabilities
2011-08-09 00:00:00
eCryptfs vulnerability
2011-08-23 00:00:00
ubuntucve
ubuntucve
CVE-2011-1831
2011-08-09 00:00:00
CVE-2011-1832
2011-08-09 00:00:00
CVE-2011-1835
2011-08-09 00:00:00
debiancve
debiancve
CVE-2011-1831
2014-02-15 14:57:06
CVE-2011-1832
2014-02-15 14:57:06
CVE-2011-1837
2014-02-15 14:57:06
prion
prion
Design/Logic Flaw
2014-02-15 14:57:00
Information disclosure
2014-02-15 14:57:00
Code injection
2014-02-15 14:57:00
veracode
veracode
Privilege Escalation
2020-04-10 01:02:45
Denial Of Service (DoS)
2020-04-10 01:02:45
Arbitrary File Write
2020-04-10 01:02:46
cve
cve
CVE-2011-1831
2014-02-15 14:57:06
CVE-2011-1837
2014-02-15 14:57:06
CVE-2011-1835
2014-02-15 14:57:06
nvd
nvd
CVE-2011-1831
2014-02-15 14:57:06
CVE-2011-1832
2014-02-15 14:57:06
CVE-2011-1837
2014-02-15 14:57:06
cvelist
cvelist
CVE-2011-1831
2014-02-15 11:00:00
CVE-2011-1837
2014-02-15 11:00:00
CVE-2011-1832
2014-02-15 11:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.8%

JSON
Related for DEBIAN_DSA-2382.NASL
openvas26osv1nessus18debian1oraclelinux1redhat1centos1suse2securityvulns3fedora6ubuntu2ubuntucve6debiancve6prion6veracode6cve6nvd6cvelist6