Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 6.9
CVE Id CVE-2008-3970
Last Modified 19 Aug 2009 01:19:05
Published 10 Sep 2008 09:13:47
Confidentiality Impact COMPLETE
Integrity Impact COMPLETE
Availability Impact COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3970

Summary

pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount.

Vulnerable Systems

Application

  • Pam Mount 0.10

  • Pam Mount 0.11

  • Pam Mount 0.12.2

  • Pam Mount 0.13

  • Pam Mount 0.15

  • Pam Mount 0.16

  • Pam Mount 0.17

  • Pam Mount 0.18

  • Pam Mount 0.19

  • Pam Mount 0.20

  • Pam Mount 0.21

  • Pam Mount 0.26

  • Pam Mount 0.27

  • Pam Mount 0.28

  • Pam Mount 0.29

  • Pam Mount 0.31

  • Pam Mount 0.32

  • Pam Mount 0.35

  • Pam Mount 0.35.1

  • Pam Mount 0.37

  • Pam Mount 0.38

  • Pam Mount 0.39

  • Pam Mount 0.40

  • Pam Mount 0.41

  • Pam Mount 0.43

  • Pam Mount 0.44

  • Pam Mount 0.45


References

XF - pammount-luserconf-privilege-escalation(44960)

BID - 31041

MLIST - [oss-security] 20080909 Re: CVE request: pam_mount < 0.47 missing security checks

MLIST - [oss-security] 20080906 CVE request: pam_mount < 0.47 missing security checks

MANDRIVA - MDVSA-2008:208

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=624240

MLIST - [pam-mount-user] 20080905 pam_mount 0.47 released

SUSE - SUSE-SR:2008:019

CONFIRM - http://dev.medozas.de/gitweb.cgi?p=pam_mount;a=commitdiff;h=33b91d7659ae3aa78b1e94fd3f8e545ae5ff25db

Related Patches

Novell SUSE 2008:5602 pam_mount security update for SLE 10 i586


Last Updated: 27 May 2016 10:48:22