15 matches found
EUVD-2009-1294
Malware in sbrugna...
SUSE CVE-2011-1831
utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call...
SUSE CVE-2011-1832
utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call...
SUSE CVE-2011-1835
The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps...
SUSE CVE-2011-1836
utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process...
SUSE CVE-2012-3409
ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation...
eCryptfs-utils mount.ecryptfs_private.c Elevation of Privilege Vulnerability
eCryptfs is an enterprise-class encrypted file system for the Linux platform. In eCryptfs-utils, mount.ecryptfsprivate.c is not verified to load the target filesystem type, and local users can get elevated privileges by loading through a non-standard filesystem...
USN-2876-1 ecryptfs-utils vulnerability
Jann Horn discovered that mount.ecryptfsprivate would mount over certain directories in the proc filesystem. A local attacker could use this to escalate their privileges. CVE-2016-1572...
UBUNTU-CVE-2016-1572
mount.ecryptfsprivate.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid...
DEBIAN-CVE-2011-1837
The lock-counter implementation in utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors...
DEBIAN-CVE-2011-1836
utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process...
DEBIAN-CVE-2011-1832
utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call...
DEBIAN-CVE-2011-1834
utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service table corruption or bypass intended unmounting restrictions via a umount system call...
DEBIAN-CVE-2009-1296
The eCryptfs support utilities ecryptfs-utils 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are only readable by root...
CVE-2009-1296
The eCryptfs support utilities ecryptfs-utils 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are only readable by root...