Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1676

Overview

Vulnerability Score 3.3 3.3
CVE Id CVE-2011-1676
Last Modified 20 Apr 2011 10:33:52
Published 09 Apr 2011 10:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1676

Summary

mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations.

Vulnerable Systems

Application

  • Util-linux 2.10

  • Util-linux 2.11

  • Util-linux 2.12

  • Util-linux 2.13

  • Util-linux 2.14

  • Util-linux 2.15

  • Util-linux 2.16

  • Util-linux 2.17

  • Util-linux 2.18

  • Util-linux 2.19

  • Util-linux 2.2

  • Util-linux 2.5

  • Util-linux 2.7

  • Util-linux 2.8

  • Util-linux 2.9


References

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=688980

XF - utillinux-mount-sec-bypass(66704)

MLIST - [oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

MLIST - [oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

MLIST - [oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

MLIST - [oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

MLIST - [oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

MLIST - [oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

MLIST - [oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

MLIST - [oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE

MLIST - [oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

MLIST - [oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE


Last Updated: 27 May 2016 10:56:24