Lucene search

Veracode Vulnerability DatabaseVERACODE:24719

HistoryApr 10, 2020 - 1:02 a.m.

Arbitrary File Write

2020-04-1001:02:46

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

JSON

encryptfs-utils is vulnerable to arbitrary file write. A race condition flaw in mount.ecryptfs_private could allow a local attacker to overwrite arbitrary files.

CPENameOperatorVersion
ecryptfs-utilseq41__1.el5
ecryptfs-utilseq56__8.el5
ecryptfs-utilseq41__1.el5
ecryptfs-utilseq56__8.el5

Name	Operator	Version
ecryptfs-utils	eq	41__1.el5
ecryptfs-utils	eq	56__8.el5
ecryptfs-utils	eq	41__1.el5
ecryptfs-utils	eq	56__8.el5

References

lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html

www.ubuntu.com/usn/USN-1188-1

access.redhat.com/errata/RHSA-2011:1241

access.redhat.com/security/updates/classification/#moderate

access.redhat.com/support/offerings/techpreview/

bugzilla.redhat.com/show_bug.cgi?id=729465

launchpad.net/ecryptfs/+download

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

JSON

Related for VERACODE:24719