1185 matches found
security flaw
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r remount option, which causes the file system to be remounted with just the read-only flag, which effectively clears the...
Moderate: Red Hat Security Advisory: util-linux and mount security update
Updated util-linux and mount packages that fix two security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux...
security flaw
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command...
Mandrake Linux Security Advisory : util-linux (MDKSA-2005:167)
David Watson disovered that the umount utility, when using the '-r' cpmmand, could remove some restrictive mount options such as 'nosuid'. IF /etc/fstab contained user-mountable removable devices that specified nosuid, a local attacker could exploit this flaw to execute arbitrary programs with ro...
Slackware 10.0 / 10.1 / 8.1 / 9.0 / 9.1 / current : util-linux umount privilege escalation (SSA:2005-255-02)
New util-linux packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue with umount. A bug in the '-r' option could allow flags in /etc/fstab to be improperly dropped on user-mountable volumes, allowing a user to gain root privileges. %NASLMINLEVEL 7030...
Debian DSA-823-1 : util-linux - privilege escalation
David Watson discovered a bug in mount as provided by util-linux and other packages such as loop-aes-utils that allows local users to bypass filesystem access restrictions by re-mounting it read-only. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...
GLSA-200509-15 : util-linux: umount command validation error
The remote host is affected by the vulnerability described in GLSA-200509-15 util-linux: umount command validation error When a regular user mounts a filesystem, they are subject to restrictions in the /etc/fstab configuration file. David Watson discovered that when unmounting a filesystem with t...
[SECURITY] [DSA 825-1] New loop-aes-utils packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 825-1 [email protected] http://www.debian.org/security/ Martin Schulze September 29th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 823-1] New util-linux packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 823-1 [email protected] http://www.debian.org/security/ Martin Schulze September 29th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 823-1] New util-linux packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 823-1 [email protected] http://www.debian.org/security/ Martin Schulze September 29th, 2005 http://www.debian.org/security/faq -...
DSA-823-1 util-linux - privilege escalation
Bulletin has no description...
util-linux: umount command validation error
Background util-linux is a suite of useful Linux programs including umount, a program used to unmount filesystems. Description When a regular user mounts a filesystem, they are subject to restrictions in the /etc/fstab configuration file. David Watson discovered that when unmounting a filesystem...
Fedora Core 4 : util-linux-2.12p-9.11 (2005-887)
Wed Sep 14 2005 Karel Zak 2.12p-9.11 - fix 168207 - CVE-2005-2876 umount unsafe -r usage Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
Fedora Core 3 : util-linux-2.12a-24.5 (2005-886)
Wed Sep 14 2005 Karel Zak 2.12a-24.5 - fix 168207 - CVE-2005-2876 umount unsafe -r usage Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
CVE-2005-2876
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r remount option, which causes the file system to be remounted with just the read-only flag, which effectively clears the...
CVE-2005-2876
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r remount option, which causes the file system to be remounted with just the read-only flag, which effectively clears the...
DEBIAN-CVE-2005-2876
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r remount option, which causes the file system to be remounted with just the read-only flag, which effectively clears the...
CVE-2005-2876
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r remount option, which causes the file system to be remounted with just the read-only flag, which effectively clears the...
CVE-2005-2876
CVE-2005-2876 affects util-linux (and related packages) up to 2.12q/2.13-pre versions; local users with unmount permissions can use remount (-r) to remount a filesystem read-only, clearing nosuid, nodev, and similar flags and enabling privilege escalation. Public advisories (Debian DSA-823-1, Gen...
CVE-2005-2876
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r remount option, which causes the file system to be remounted with just the read-only flag, which effectively clears the...