PT-2006-6541 · Linux+1 · Linux Kernel+1

Published

2005-10-05

Updated

2017-10-11

CVE-2006-5871

CVSS v2.0

4.1

Medium

Vector

AV:L/AC:M/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.6.8 and other versions Linux kernel versions 2.4.x before 2.4.34

Description The issue concerns the smbfs in the Linux kernel. When UNIX extensions are enabled, it ignores certain mount options. This could cause clients to use server-specified uid, gid, and mode settings.

Recommendations For Linux kernel version 2.6.8, consider disabling UNIX extensions to prevent the use of server-specified settings. For Linux kernel versions 2.4.x before 2.4.34, consider disabling UNIX extensions or updating to version 2.4.34 or later to prevent the use of server-specified settings. At the moment, there is no information about a newer version that contains a fix for this vulnerability for other affected versions.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5871

DSA-1233

DSA-1237

RHSA-2005:514

RHSA-2005_514

Affected Products

Linux Kernel

Red Hat

PT-2006-6541 · Linux+1 · Linux Kernel+1

CVE-2006-5871

Related Identifiers

Affected Products

References · 405