20 matches found
EUVD-2009-1294
Malware in sbrugna...
SUSE CVE-2011-1831
utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call...
SUSE CVE-2011-1832
utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call...
SUSE CVE-2011-1836
utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process...
SUSE CVE-2011-1835
The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps...
SUSE CVE-2012-3409
ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation...
eCryptfs-utils mount.ecryptfs_private.c Elevation of Privilege Vulnerability
eCryptfs is an enterprise-class encrypted file system for the Linux platform. In eCryptfs-utils, mount.ecryptfsprivate.c is not verified to load the target filesystem type, and local users can get elevated privileges by loading through a non-standard filesystem...
USN-2876-1 ecryptfs-utils vulnerability
Jann Horn discovered that mount.ecryptfsprivate would mount over certain directories in the proc filesystem. A local attacker could use this to escalate their privileges. CVE-2016-1572...
UBUNTU-CVE-2016-1572
mount.ecryptfsprivate.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid...
Vulnerabilities in the SUSE Linux Enterprise operating system that allow attackers to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the ecryptfs-utils-x86-61 package of the SUSE Linux Enterprise operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can occur locally...
Vulnerabilities of the Red Hat Enterprise Linux operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the ecryptfs-utils-82 package of the Red Hat Enterprise Linux operating system can be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited locally...
Vulnerabilities of the Red Hat Enterprise Linux operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities of the ecryptfs-utils-devel-82 package for the Red Hat Enterprise Linux operating system can be exploited, leading to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited locally...
Vulnerabilities of the CentOS operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the ecryptfs-utils-82 package of the CentOS operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can be carried out locally...
Vulnerabilities of the CentOS operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities of the ecryptfs-utils-gui-75 package on the CentOS operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can be carried out locally...
DEBIAN-CVE-2011-1837
The lock-counter implementation in utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors...
DEBIAN-CVE-2011-1832
utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call...
DEBIAN-CVE-2011-1836
utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process...
DEBIAN-CVE-2011-1834
utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service table corruption or bypass intended unmounting restrictions via a umount system call...
DEBIAN-CVE-2009-1296
The eCryptfs support utilities ecryptfs-utils 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are only readable by root...
CVE-2009-1296
The eCryptfs support utilities ecryptfs-utils 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are only readable by root...