Vulnerabilities in the SUSE Linux Enterprise operating system that allow attackers to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the ecryptfs-utils-32bit package of the SUSE Linux Enterprise operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited locally...

Vulnerabilities of the CentOS operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the ecryptfs-utils-75 package of the CentOS operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can be carried out locally...

Vulnerabilities of the CentOS operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities of the ecryptfs-utils-debuginfo-82 package on the CentOS operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can be carried out locally...

Vulnerabilities of the CentOS operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities of the ecryptfs-utils-devel-75 package on the CentOS operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can occur locally...

Vulnerabilities of the CentOS operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities of the ecryptfs-utils-devel-82 package on the CentOS operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can be carried out locally...

USN-2524-1: eCryptfs vulnerability

Sylvain Pelissier discovered that eCryptfs did not generate a random salt when encrypting the mount passphrase with the login password. An attacker could use this issue to discover the login password used to protect the mount passphrase and gain unintended access to the encrypted files...

openSUSE Security Update : ecryptfs-utils (openSUSE-SU-2011:0902-1)

This update of ecryptfs-utils fixes several security problems : - CVE-2011-1831 - Race condition when checking mountpoint during mount. - CVE-2011-1832 - Race condition when checking mountpoint during unmount. - CVE-2011-1833 - Race condition when checking source during mount. - CVE-2011-1834 -...

openSUSE Security Update : ecryptfs-utils (openSUSE-SU-2011:0902-1)

This update of ecryptfs-utils fixes several security problems : - CVE-2011-1831 - Race condition when checking mountpoint during mount. - CVE-2011-1832 - Race condition when checking mountpoint during unmount. - CVE-2011-1833 - Race condition when checking source during mount. - CVE-2011-1834 -...

openSUSE Security Update : ecryptfs-utils (openSUSE-SU-2012:0106-1)

mount.ecrpytfsprivate did not set correct group ownerships when it modifies mtab CVE-2011-3145. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update ecryptfs-utils-5541. The text description of thi...

openSUSE Security Update : ecryptfs-utils (openSUSE-SU-2012:0106-1)

mount.ecrpytfsprivate did not set correct group ownerships when it modifies mtab CVE-2011-3145. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update ecryptfs-utils-5541. The text description of thi...

CVE-2011-1836

utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process...

CVE-2011-1831

utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call...

CVE-2011-1834

utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service table corruption or bypass intended unmounting restrictions via a umount system call...

CVE-2011-1835

The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps...

CVE-2011-1832

utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call...

CVE-2011-1837

The lock-counter implementation in utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors...

DEBIAN-CVE-2011-1831

utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call...

CVE-2011-1834

utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service table corruption or bypass intended unmounting restrictions via a umount system call...

CVE-2011-1835

The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps...

CVE-2011-1832

utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call...