PT-2011-5200 · Canonical+1 · Ecryptfs-Utils+1

Dan Rosenberg

Publicado

1970-01-01

Atualizado

2024-06-15

CVE-2011-1831

CVSS v2.0

4.6

Média

Vetor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions ecryptfs-utils versions prior to 90

Description The issue allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call. This can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation of the issue can be carried out locally.

Recommendations As a temporary workaround, consider restricting access to the mount system call until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

BDU:2015-02608

BDU:2015-04437

BDU:2015-04438

BDU:2015-04439

BDU:2015-05975

BDU:2015-05976

BDU:2015-05977

BDU:2015-05978

BDU:2015-05979

BDU:2015-05980

BDU:2015-08749

BDU:2015-08750

BDU:2015-08751

BDU:2015-08752

BDU:2015-08753

BDU:2015-08754

CVE-2011-1831

DSA-2382-1

OPENSUSE-SU-2024:10118-1

RHSA-2011:1241

RHSA-2011_1241

Produtos afetados

Red Hat

Ecryptfs-Utils

PT-2011-5200 · Canonical+1 · Ecryptfs-Utils+1

CVE-2011-1831

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 45