263 matches found
SUSE CVE-2011-1677
mount in util-linux 2.19 and earlier does not remove the /etc/mtab lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors...
SUSE CVE-2011-1678
smbfs in Samba 3.5.8 and earlier attempts to use 1 mount.cifs to append to the /etc/mtab file and 2 umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process wi...
SUSE CVE-2011-1681
vmware-hgfsmounter in VMware Open Virtual Machine Tools aka open-vm-tools 8.4.2-261024 and earlier attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to trigger corruption of this file via a process with a small...
SUSE CVE-2011-1749
The nfsaddmntent function in support/nfs/nfsmntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMITFSIZE value,...
SUSE CVE-2011-3145
When mount.ecrpytfsprivate before version 87-0ubuntu1.2 calls setreuid it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfsprivate...
SUSE CVE-2011-3585
Multiple race conditions in the 1 mount.cifs and 2 umount.cifs programs in Samba 3.6 allow local users to cause a denial of service mounting outage via a SIGKILL signal during a time window when the /etc/mtab file exists...
SUSE CVE-2015-3202
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking 1 mount or 2 umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNTMTAB environment variable that is used by mount's debugging feature...
Denial Of Service (DoS)
glibc is vulnerable to denial of service. It was found that the glibc addmntent function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab mounted file systems table file. If such utilities had the setuid bit set, a local attacker could use th...
Denial Of Service (DoS)
nfs-utils is vulnerable to denial of service. It was found that the mount.nfs tool did not handle certain errors correctly when updating the mtab mounted file systems table file. A local attacker could use this flaw to corrupt the mtab file...
Privilege Escalation
util-linux is vulnerable to privilege escalation. A local, unprivileged user allowed to mount or unmount file systems could use these flaws to corrupt the mtab file and create a stale lock file, preventing other users from mounting and unmounting file systems...
Privilege Escalation
util-linux is vulnerable to privilege escalation. A local, unprivileged user allowed to mount or unmount file systems could use these flaws to corrupt the mtab file and create a stale lock file, preventing other users from mounting and unmounting file systems...
Denial Of Service (DoS)
encryptfs-utils is vulnerable to denial of service. It was found that mount.ecryptfsprivate did not handle certain errors correctly when updating the mtab mounted file systems table file, allowing a local attacker to corrupt the mtab file and possibly unmount an arbitrary file system...
Insecure Resource Limit Verification
samba does not properly verify resource limits. It was found that the mount.cifs tool did not handle certain errors correctly when updating the mtab file. If mount.cifs had the setuid bit set, a local attacker could corrupt the mtab file by setting a small file size limit before running mount.cif...
Privilege Escalation
glibc is vulnerable to privilege escalation. It was discovered that the glibc addmntent function did not sanitize its input properly. A local attacker could possibly use this flaw to inject malformed lines into /etc/mtab via certain setuid mount helpers, if the attacker were allowed to mount to a...
DEBIAN-CVE-2011-3585
Multiple race conditions in the 1 mount.cifs and 2 umount.cifs programs in Samba 3.6 allow local users to cause a denial of service mounting outage via a SIGKILL signal during a time window when the /etc/mtab file exists...
CVE-2011-3585
Multiple race conditions in the 1 mount.cifs and 2 umount.cifs programs in Samba 3.6 allow local users to cause a denial of service mounting outage via a SIGKILL signal during a time window when the /etc/mtab file exists...
Race condition
Multiple race conditions in the 1 mount.cifs and 2 umount.cifs programs in Samba 3.6 allow local users to cause a denial of service mounting outage via a SIGKILL signal during a time window when the /etc/mtab file exists...
CVE-2011-3585
Multiple race conditions in the 1 mount.cifs and 2 umount.cifs programs in Samba 3.6 allow local users to cause a denial of service mounting outage via a SIGKILL signal during a time window when the /etc/mtab file exists...
DEBIAN-CVE-2011-3145
When mount.ecrpytfsprivate before version 87-0ubuntu1.2 calls setreuid it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfsprivate...
CVE-2011-3145 mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group
When mount.ecrpytfsprivate before version 87-0ubuntu1.2 calls setreuid it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfsprivate...