Privilege Escalation
kpmcore is vulnerable to privilege escalation. The kpmcoreexternalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute the mount command to gain root privileges...
GLSA-202011-03 : KPMCore: Root privilege escalation
The remote host is affected by the vulnerability described in GLSA-202011-03 (KPMCore: Root privilege escalation). Improper checks on the D-Bus request received resulted in improper protection for /etc/fstab. Impact: An attacker could escalate privileges to root by exploiting this vulnerability...
CVE-2020-27187
An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcoreexternalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related...
Design/Logic Flaw
An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcoreexternalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related...
Oracle Linux 7 : systemd (ELSA-2018-0260)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-0260 advisory. 219-42.0.2.7 - fix netdev is missing for iscsi entry in /etc/fstab Orabug: 25897792 - set 'RemoveIPC=no' in logind.conf as default for OL7...
Information Disclosure
sosreport is vulnerable to information disclosure. If a malicious user can get access to the technical-support data stream and if the /etc/fstab file contains passwords, the sensitive information can be disclosed...
cronic Arbitrary File Write Vulnerability
cronic is a shell script maintained by software developer Daniel Lange for wrapping cron jobs to prevent redundant email delivery. An arbitrary file write vulnerability exists in cronic, which can be exploited by an attacker by creating a symbolic link /tmp/cronic.out.PID -> /etc/fstab to write...
util-linux-ng security, bug fix and enhancement update
2.17.2-12.9: fix 892471 - CVE-2013-0157 mount folder existence information disclosure. 2.17.2-12.8: fix 679833 - RFE tailf should support; fix 719927 - RFE add adjtimex --compare functionality to hwclock; fix 730272 - losetup does not warn if backing file is 512 bytes; fix 730891 - document...
Slackware Advisory SSA:2005-255-02 util-linux umount
The remote host is missing an update as announced via advisory SSA:2005-255-01. OpenVAS Vulnerability Test $Id: esoftslkssa200525502.nasl 6598 2017-07-07 09:36:44Z cfischer $. Description: Auto-generated from the corresponding slackware advisory. Authors: Thomas Reinke. Copyright: Copyright (c) 2012...
Linux Gather Saved mount.cifs/mount.smbfs Credentials
Post Module to obtain credentials saved for mount.cifs/mount.smbfs in /etc/fstab on a Linux system. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux Gather Saved mount.cifs/mount.smbfs...
USN-184-1: umount vulnerability
David Watson discovered that "umount -r" removed some restrictive mount options like the "nosuid" flag. If /etc/fstab contains user-mountable removable devices which specify the "nosuid" flag (which is common practice for such devices), a local attacker could exploit this to execute arbitrary...