MiracleLinux 4 : util-linux-ng-2.17.2-12.4.AXS4 (AXSA:2012-06:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-06:01 advisory. The util-linux-ng package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others,...

EUVD-2011-1681

Malware in sbrugna...

EUVD-2011-1832

Malware in sbrugna...

Oracle Linux 6 : glibc (ELSA-2011-1526)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-1526 advisory. - Report write error in addmnt even for cached streams 688980, CVE-2011-1089 Tenable has extracted the preceding description block directly from the...

Denial Of Service (DoS)

glibc is vulnerable to denial of service. It was found that the glibc addmntent function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab mounted file systems table file. If such utilities had the setuid bit set, a local attacker could use th...

Privilege Escalation

util-linux is vulnerable to privilege escalation. A local, unprivileged user allowed to mount or unmount file systems could use these flaws to corrupt the mtab file and create a stale lock file, preventing other users from mounting and unmounting file systems...

Insecure Resource Limit Verification

samba does not properly verify resource limits. It was found that the mount.cifs tool did not handle certain errors correctly when updating the mtab file. If mount.cifs had the setuid bit set, a local attacker could corrupt the mtab file by setting a small file size limit before running mount.cif...

Race condition

Multiple race conditions in the 1 mount.cifs and 2 umount.cifs programs in Samba 3.6 allow local users to cause a denial of service mounting outage via a SIGKILL signal during a time window when the /etc/mtab file exists...

UBUNTU-CVE-2011-1749

The nfsaddmntent function in support/nfs/nfsmntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMITFSIZE value,...

Sql injection

The nfsaddmntent function in support/nfs/nfsmntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMITFSIZE value,...

CVE-2011-1834

utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service table corruption or bypass intended unmounting restrictions via a umount system call...

DEBIAN-CVE-2011-1834

utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service table corruption or bypass intended unmounting restrictions via a umount system call...

CVE-2011-1834

CVE-2011-1834 affects the ecryptfs-utils package, specifically the mount helper behavior in mount.ecryptfs_private.c. The root cause is improper handling of the mtab file during error conditions, which can allow a local user to cause a denial of service via table corruption or bypass intended unm...

CVE-2011-1834

utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service table corruption or bypass intended unmounting restrictions via a umount system call...

Mandriva Linux Security Advisory : ncpfs (MDVSA-2013:048)

Multiple vulnerabilities has been discovered and corrected in ncpfs : ncpfs 2.2.6 and earlier attempts to use 1 ncpmount to append to the /etc/mtab file and 2 ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to...

Mandriva Update for util-linux MDVSA-2012:083 (util-linux)

Check for the Version of util-linux OpenVAS Vulnerability Test Mandriva Update for util-linux MDVSA-2012:083 util-linux Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

Scientific Linux Security Update : nfs-utils on SL6.x i386/x86_64

The nfs-utils packages provide a daemon for the kernel Network File System NFS server, and related tools such as the mount.nfs, umount.nfs, and showmount programs. A flaw was found in the way nfs-utils performed IP based authentication of mount requests. In configurations where a directory was...

Scientific Linux Security Update : util-linux-ng on SL6.x i386/x86_64

The util-linux-ng packages contain a large variety of low-level system utilities that are necessary for a Linux operating system to function. Multiple flaws were found in the way the mount and umount commands performed mtab mounted file systems table file updates. A local, unprivileged user allow...

RedHat Update for util-linux-ng RHSA-2011:1691-03

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for glibc RHSA-2011:1526-03

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...