Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1449-1
HistoryJan 05, 2008 - 12:00 a.m.

loop-aes-utils privilege escalation

2008-01-0500:00:00
Google
osv.dev
8

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

It was discovered that loop-aes-utils, tools for mounting and manipulating
filesystems, didn’t drop privileged user and group permissions in the correct order
in the mount and umount commands. This could potentially allow a local
user to gain additional privileges.

For the old stable distribution (sarge), this problem has been fixed in
version 2.12p-4sarge2.

For the stable distribution (etch), this problem has been fixed in version
2.12r-15+etch1.

We recommend that you upgrade your loop-aes-utils package.

Related

nessus 13
veracode 1
openvas 14
securityvulns 6
ubuntucve 1
oraclelinux 1
ubuntu 1
fedora 2
prion 1
centos 1
cve 1
gentoo 1
debian 2
debiancve 1
osv 1
redhat 1
vmware 2
nessus
nessus
openSUSE 10 Security Update : util-linux (util-linux-4552)
2007-10-18 00:00:00
Mandrake Linux Security Advisory : util-linux (MDKSA-2007:198)
2007-10-17 00:00:00
Oracle Linux 3 / 4 : util-linux (ELSA-2007-0969)
2013-07-12 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:18:03
openvas
openvas
Debian Security Advisory DSA 1450-1 (util-linux)
2008-01-17 00:00:00
Mandriva Update for util-linux MDKSA-2007:198 (util-linux)
2009-04-09 00:00:00
Gentoo Security Advisory GLSA 200710-18 (util-linux)
2008-09-24 00:00:00
securityvulns
securityvulns
loop-aes-utils / util-linux privilege escalation
2008-01-06 00:00:00
Linux mount / umount privilege escalation
2007-10-10 00:00:00
[SECURITY] [DSA 1450-1] New util-linux packages fix programming error
2008-01-06 00:00:00
ubuntucve
ubuntucve
CVE-2007-5191
2007-10-04 00:00:00
oraclelinux
oraclelinux
Moderate: util-linux security update
2007-11-16 00:00:00
ubuntu
ubuntu
util-linux vulnerability
2007-10-22 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: util-linux-2.13-0.54.1.fc7
2007-10-10 19:33:30
[SECURITY] Fedora Core 6 Update: util-linux-2.13-0.49.fc6
2007-10-15 19:59:34
prion
prion
Design/Logic Flaw
2007-10-04 16:17:00
centos
centos
losetup, mount, util security update
2007-11-15 19:24:57
cve
cve
CVE-2007-5191
2007-10-04 16:17:00
gentoo
gentoo
util-linux: Local privilege escalation
2007-10-18 00:00:00
debian
debian
[SECURITY] [DSA 1449-1] New loop-aes-utils packages fix programming error
2008-01-05 15:09:36
[SECURITY] [DSA 1450-1] New util-linux packages fix programming error
2008-01-05 15:10:16
debiancve
debiancve
CVE-2007-5191
2007-10-04 16:17:00
osv
osv
util-linux privilege escalation
2008-01-05 00:00:00
redhat
redhat
(RHSA-2007:0969) Moderate: util-linux security update
2007-11-15 00:00:00
vmware
vmware
Updated service console patches.
2008-01-07 00:00:00
Updated service console patches.
2008-01-07 00:00:00

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for OSV:DSA-1449-1
nessus13veracode1openvas14securityvulns6ubuntucve1oraclelinux1ubuntu1fedora2prion1centos1cve1gentoo1debian2debiancve1osv1redhat1vmware2