Lucene search
HistoryFeb 15, 2014 - 2:57 p.m.
CVE-2011-1831
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
8.9 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call.
Affected configurations
Node
ecryptfsecryptfs-utilsRange≤89
ORecryptfsecryptfs-utilsMatch62
ORecryptfsecryptfs-utilsMatch63
ORecryptfsecryptfs-utilsMatch64
ORecryptfsecryptfs-utilsMatch65
ORecryptfsecryptfs-utilsMatch66
ORecryptfsecryptfs-utilsMatch67
ORecryptfsecryptfs-utilsMatch68
ORecryptfsecryptfs-utilsMatch69
ORecryptfsecryptfs-utilsMatch70
ORecryptfsecryptfs-utilsMatch71
ORecryptfsecryptfs-utilsMatch72
ORecryptfsecryptfs-utilsMatch73
ORecryptfsecryptfs-utilsMatch74
ORecryptfsecryptfs-utilsMatch75
ORecryptfsecryptfs-utilsMatch76
ORecryptfsecryptfs-utilsMatch77
ORecryptfsecryptfs-utilsMatch78
ORecryptfsecryptfs-utilsMatch79
ORecryptfsecryptfs-utilsMatch80
ORecryptfsecryptfs-utilsMatch81
ORecryptfsecryptfs-utilsMatch82
ORecryptfsecryptfs-utilsMatch83
ORecryptfsecryptfs-utilsMatch84
ORecryptfsecryptfs-utilsMatch85
ORecryptfsecryptfs-utilsMatch86
ORecryptfsecryptfs-utilsMatch87
ORecryptfsecryptfs_utilsMatch58
ORecryptfsecryptfs_utilsMatch59
ORecryptfsecryptfs_utilsMatch60
ORecryptfsecryptfs_utilsMatch61
Related
prion
prion
Design/Logic Flaw
2014-02-15 14:57:00
veracode
veracode
Privilege Escalation
2020-04-10 01:02:45
cve
cve
CVE-2011-1831
2014-02-15 14:57:06
cvelist
cvelist
CVE-2011-1831
2014-02-15 11:00:00
debiancve
debiancve
CVE-2011-1831
2014-02-15 14:57:06
ubuntucve
ubuntucve
CVE-2011-1831
2011-08-09 00:00:00
debian
debian
[SECURITY] [DSA 2382-1] ecryptfs-utils security update
2012-01-07 18:48:38
suse
suse
ecryptfs-utils: Update to fix various symlink race attacks (important)
2011-08-12 21:08:14
Security update for ecryptfs-utils (important)
2011-08-12 06:08:16
nessus
nessus
Oracle Linux 5 / 6 : ecryptfs-utils (ELSA-2011-1241)
2013-07-12 00:00:00
Debian DSA-2382-1 : ecryptfs-utils - multiple vulnerabilities
2012-01-12 00:00:00
RHEL 5 / 6 : ecryptfs-utils (RHSA-2011:1241)
2011-09-01 00:00:00
osv
osv
ecryptfs-utils - multiple
2012-01-07 00:00:00
openvas
openvas
Debian Security Advisory DSA 2382-1 (ecryptfs-utils)
2012-02-11 00:00:00
Debian: Security Advisory (DSA-2382-1)
2012-02-11 00:00:00
CentOS Update for ecryptfs-utils-75-5.el5_ CESA-2011:1241 centos5 x86_64
2012-07-30 00:00:00
centos
centos
ecryptfs security update
2011-09-01 16:11:04
redhat
redhat
(RHSA-2011:1241) Moderate: ecryptfs-utils security update
2011-08-31 00:00:00
ubuntu
ubuntu
eCryptfs vulnerabilities
2011-08-09 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: ecryptfs-utils-90-2.fc14
2011-09-14 22:31:26
[SECURITY] Fedora 14 Update: ecryptfs-utils-90-1.fc14
2011-09-02 05:31:16
[SECURITY] Fedora 15 Update: ecryptfs-utils-90-2.fc15
2011-09-14 22:33:52
securityvulns
securityvulns
[USN-1188-1] eCryptfs vulnerabilities
2011-08-11 00:00:00
eCryptfs multiple security vulnerabilities
2011-08-24 00:00:00
oraclelinux
oraclelinux
ecryptfs-utils security update
2011-08-31 00:00:00
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
8.9 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for NVD:CVE-2011-1831