Sql injection

The nfsaddmntent function in support/nfs/nfsmntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMITFSIZE value,...

Samba 3.x 'etc/mtab'文件附加本地拒绝服务漏洞

BUGTRAQ ID: 49939 CVE ID: CVE-2011-1678 Samba是一套实现SMB（Server Messages Block）协议、跨平台进行文件共享和打印共享服务的程序。 Samba 3.5.8及更早版本中的smbfs尝试使用mount.cifs附加到/etc/mtab文件，umount.cifs附加到/etc/mtab.tmp文件，而没有检查资源限制，可使本地用户通过small RLIMITFSIZE值相关进程破坏/etc/mtab文件。 0 Samba 3.x 厂商补丁： Samba -----...

nfs-utils security, bug fix, and enhancement update

1.0.9-60.0.1.el5 - Add support for resvport for unmonting orabug 13567018 1.0.9-60 - Updated idmapd.conf and idmapd.conf.man to reflect the static user name mapping 502707 - Fixed an umount regression introduced by bz 513094 bz 781931 1.0.9-59 - gss: turned of even more excessive syslogs bz 59309...

nfs-utils security, bug fix, and enhancement update

1.2.3-15 - mout.nfs: Don't roll back to IPv4 whe IPv6 fails bz 744657 - rpcdebug: Added pNFS and FSCache debugging bz 747400 1.2.3-14 - mount.nfs: Backported how upstream handles the SIGXFSZ signal bz 697981 1.2.3-13 - mount.nfs: Reworked the code that deals with RLIMITFSIZE bz 697981 1.2.3-12 -...

util-linux-ng security, bug fix, and enhancement update

2.17.2-12.4 - fix CVE-2011-1675 - mount fails to anticipate RLIMITFSIZE - fix CVE-2011-1677 - umount may fail to remove /etc/mtab lock file 2.17.2-12.3 - fix fatal typos in patch for 723546 2.17.2-12.2 - rename /etc/hushlogin to /etc/hushlogins 696731 2.17.2-12.1 - fix 723546 - Defects revealed b...

SuSE 10 Security Update : ncpfs (ZYPP Patch Number 7710)

Following issues are fixed by this update : - The ncpfs mount and umount programs were affected by the /etc/mtab truncation problems on RLIMITFSIZE. CVE-2011-1679 - on errors, the mtab lock was not removed, blocking other applications from modifying /etc/mtab. CVE-2011-1680 - we now keep the...

RHEL 4 / 5 : samba (RHSA-2011:1219)

The remote Redhat Enterprise Linux 4 / 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1219 advisory. - samba: mount.cifs improper device name and mountpoint strings sanitization CVE-2010-0547 - samba: Race condition by mount mount.cifs...

CVE-2011-1675

mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMITFSIZE value, a related issue to CVE-2011-1089...

Sql injection

smbfs in Samba 3.5.8 and earlier attempts to use 1 mount.cifs to append to the /etc/mtab file and 2 umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process wi...

CVE-2011-1678

smbfs in Samba 3.5.8 and earlier attempts to use 1 mount.cifs to append to the /etc/mtab file and 2 umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process wi...

CVE-2011-1678

smbfs in Samba 3.5.8 and earlier attempts to use 1 mount.cifs to append to the /etc/mtab file and 2 umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process wi...