PT-2004-3500 · Mntd · Mntd
Publicado
2004-12-31
·
Atualizado
2017-07-20
·
CVE-2004-2610
CVSS v2.0
4.6
Média
| Vetor | AV:L/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
mntd versions prior to 0.4.2
Description
The issue in mntd might allow local users to gain privileges via shell metacharacters in a remount option in the configuration file. However, typical usage would restrict write access to the configuration file, which may limit the potential impact.
Recommendations
For versions prior to 0.4.2, update to version 0.4.2 or later to resolve the issue. As a temporary workaround, consider restricting write access to the configuration file to minimize the risk of exploitation.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Mntd