SUSE CVE-2016-1572

mount.ecryptfsprivate.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid...

SUSE: Security Advisory (SUSE-SU-2016:0290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 22 : ecryptfs-utils-109-1.fc22 (2016-7b9a2fe987)

manpage ecryptfs-migrate-home.8: Fix typos - clang static analysis fixes - Refuse to mount over non-standard filesystems. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...

openSUSE Security Update : ecryptfs-utils (openSUSE-2016-125)

This update for ecryptfs-utils fixes the following issues : - CVE-2016-1572: A local user could have escalated privileges by mounting over special filesystems bsc962052 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

SUSE SLED11 / SLES11 Security Update : ecryptfs-utils (SUSE-SU-2016:0290-1)

This update for ecryptfs-utils fixes the following issues : - CVE-2016-1572: A local user could have escalated privileges by mounting over special filesystems bsc962052 - CVE-2014-9687: A default salt value reduced complexity of offline precomputation attacks bsc920160 Note that Tenable Network...

SUSE-SU-2016:0290-1 Security update for ecryptfs-utils

This update for ecryptfs-utils fixes the following issues: - CVE-2016-1572: A local user could have escalated privileges by mounting over special filesystems bsc962052 - CVE-2014-9687: A default salt value reduced complexity of offline precomputation attacks bsc920160...

SUSE SLED12 / SLES12 Security Update : ecryptfs-utils (SUSE-SU-2016:0241-1)

This update for ecryptfs-utils fixes the following issues : - CVE-2016-1572: A local user could have escalated privileges by mounting over special filesystems bsc962052 - CVE-2014-9687: A default salt value reduced complexity of offline precomputation attacks bsc920160 Note that Tenable Network...

openSUSE Security Update : ecryptfs-utils (openSUSE-2016-93)

This update for ecryptfs-utils fixes the following issues : - CVE-2016-1572: A local user could have escalated privileges by mounting over special filesystems bsc962052 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

CVE-2016-1572

CVE-2016-1572 concerns a flaw in mount.ecryptfs_private.c (ecryptfs-utils) where mount destination filesystem types are not validated, enabling a local user to gain privileges by mounting over a nonstandard filesystem (example: /proc/$pid). The vulnerability has been discussed in multiple advisor...

CVE-2016-1572

mount.ecryptfsprivate.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid...

Debian DLA-397-1 : ecryptfs-utils security update

Jann Horn discovered that the setuid-root mount.ecryptfsprivate helper in the ecryptfs-utils would mount over any target directory that the user owns, including a directory in procfs. A local attacker could use this flaw to escalate his privileges. NOTE: Tenable Network Security has extracted the...

Ubuntu: Security Advisory (USN-2876-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : eCryptfs vulnerability (USN-2876-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2876-1 advisory. Jann Horn discovered that mount.ecryptfsprivate would mount over certain directories in the proc filesystem. A local attacker could use this to escalate their...

[SECURITY] [DLA 397-1] ecryptfs-utils security update

Package : ecryptfs-utils Version : 83-4+squeeze2 CVE ID : CVE-2016-1572 Jann Horn discovered that the setuid-root mount.ecryptfsprivate helper in the ecryptfs-utils would mount over any target directory that the user owns, including a directory in procfs. A local attacker could use this flaw to...

[SECURITY] [DSA 3450-1] ecryptfs-utils security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3450-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 20, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3450-1] ecryptfs-utils security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3450-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 20, 2016 https://www.debian.org/security/faq -...

USN-2876-1: eCryptfs vulnerability

Jann Horn discovered that mount.ecryptfsprivate would mount over certain directories in the proc filesystem. A local attacker could use this to escalate their privileges. CVE-2016-1572...