13 matches found
Linux Distros Unpatched Vulnerability : CVE-2010-3879
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink...
RHEL 5 : fuse (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - fuse: unprivileged user can unmount arbitrary locations via symlink attack CVE-2010-3879 - fuse: incorrec...
Oracle: Security Advisory (ELSA-2011-1083)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : fuse (openSUSE-SU-2011:0264-1)
Race conditions in fuse allowed unprivileged users to umount arbitrary mount points CVE-2011-0541,CVE-2010-3879,CVE-2011-0543. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update fuse-4184. The te...
Oracle Linux 6 : fuse (ELSA-2011-1083)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-1083 advisory. 2.8.3-3 - Bump the release since the bz was set to the wrong target 2.8.3-2 - Fix another umount race bz 673250, CVE-2010-3879 Tenable has extracted th...
[ MDVSA-2013:154 ] util-linux
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:154 http://www.mandriva.com/en/support/security/ Package : util-linux Date : April 29, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been found and...
Scientific Linux Security Update : fuse on SL6.x i386/x86_64
FUSE Filesystem in Userspace can implement a fully functional file system in a user-space program. These packages provide the mount utility, fusermount, the tool used to mount FUSE file systems. Multiple flaws were found in the way fusermount handled the mounting and unmounting of directories whe...
SuSE 10 Security Update : fuse (ZYPP Patch Number 7418)
The following security issues were fixed in fuse : - FUSE allowed local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem. CVE-2010-3879 - Avoid mounting a directory...
fuse security update
2.8.3-3 - Bump the release since the bz was set to the wrong target 2.8.3-2 - Fix another umount race bz 673250, CVE-2010-3879...
openSUSE Security Update : fuse (openSUSE-SU-2011:0265-1)
Race conditions in fuse allowed unprivileged users to umount arbitrary mount points CVE-2011-0541,CVE-2010-3879,CVE-2011-0543. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update fuse-4183. The te...
Fedora Update for util-linux-ng FEDORA-2011-0854
Check for the Version of util-linux-ng OpenVAS Vulnerability Test Fedora Update for util-linux-ng FEDORA-2011-0854 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora 14 : util-linux-ng-2.18-4.8.fc14 (2011-0854)
util-linux-ng update with fixes for mount/umount required by the fuse fix for CVE-2010-3879 properly working --no-canonicalize and --fake options. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
CVE-2010-3879
CVE-2010-3879 affects FUSE (likely versions up to 2.8.5 and earlier). The vulnerability arises from a symlink attack on the parent directory of a FUSE mountpoint, enabling local users to create/modify mtab entries and thereby unmount a filesystem (a separate issue from CVE-2010-0789). The descrip...