EUVD-2007-6253

Malware in sbrugna...

Mandriva Linux Security Advisory : autofs (MDVSA-2008:009-1)

The default behaviour of autofs 5 for the hosts map did not specify the nosuid and nodev mount options. This could allow a local user with control of a remote NFS server to create a setuid root executable on the exported filesystem of the remote NFS server. If this filesystem was mounted with the...

CVE-2007-6285

The default configuration for autofs 5 autofs5 in some Linux distributions, such as Red Hat Enterprise Linux RHEL 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special devic...

CVE-2007-6285

The default configuration for autofs 5 autofs5 in some Linux distributions, such as Red Hat Enterprise Linux RHEL 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special devic...

CVE-2007-6285

CVE-2007-6285 concerns autofs5 in some Linux distros (notably RHEL4/5) where the default -hosts map lacked the nodev mount option. This allowed a local user who controls a remote NFS server to create device files on that server and potentially access important devices on the client via the defaul...

CVE-2007-5964

The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux RHEL 5, omits the nosuid option for the hosts /net filesystem map, which allows local users to gain privileges via a setuid program on a remote NFS server...