EUVD-2007-5934

Malware in sbrugna...

Scientific Linux Security Update : autofs on SL5.x i386/x86_64

There was a security issue with the default installed configuration of autofs version 5 whereby the entry for the 'hosts' map did not specify the 'nosuid' mount option. A local user with control of a remote nfs server could create a setuid root executable within an exported filesystem on the remo...

USN-1499-1: Linux kernel (OMAP4) vulnerability

A flaw was discovered in the Linux kernel's NFSv4 Network file system handling of ACLs access control lists. A remote NFS server attacker could cause a denial of service OOPS...

USN-1489-1: Linux kernel (Oneiric backport) vulnerability

A flaw was discovered in the Linux kernel's NFSv4 Network file system handling of ACLs access control lists. A remote NFS server attacker could cause a denial of service OOPS...

CentOS 5 : autofs (CESA-2007:1176)

Updated autofs packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The autofs utility controls the operation of the automount daemon, which automatically mounts...

Mandriva Linux Security Advisory : autofs (MDVSA-2008:009-1)

The default behaviour of autofs 5 for the hosts map did not specify the nosuid and nodev mount options. This could allow a local user with control of a remote NFS server to create a setuid root executable on the exported filesystem of the remote NFS server. If this filesystem was mounted with the...

Mandriva Update for autofs MDVSA-2008:009-1 (autofs)

Check for the Version of autofs OpenVAS Vulnerability Test Mandriva Update for autofs MDVSA-2008:009-1 autofs Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

RHEL 4 : autofs5 (RHSA-2007:1177)

Updated autofs5 technology preview packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The autofs utility controls the operation of the automount daemon, which...

CentOS 4 : autofs5 (CESA-2007:1177)

Updated autofs5 technology preview packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The autofs utility controls the operation of the automount daemon, which...

CVE-2007-5964

The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux RHEL 5, omits the nosuid option for the hosts /net filesystem map, which allows local users to gain privileges via a setuid program on a remote NFS server...

Default configuration

The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux RHEL 5, omits the nosuid option for the hosts /net filesystem map, which allows local users to gain privileges via a setuid program on a remote NFS server...

CVE-2007-5964

The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux RHEL 5, omits the nosuid option for the hosts /net filesystem map, which allows local users to gain privileges via a setuid program on a remote NFS server...

autofs security update

CentOS Errata and Security Advisory CESA-2007:1128 Updated autofs packages are now available to fix a security flaw for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The autofs utility controls the operation of th...

autofs defaults don't restrict suid in /net

The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux RHEL 5, omits the nosuid option for the hosts /net filesystem map, which allows local users to gain privileges via a setuid program on a remote NFS server...