PT-2014-4179 · Canonical · Mountall

Published

2014-11-25

Updated

2016-12-08

CVE-2014-1421

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions mountall version 1.54

Description The issue allows local users to bypass intended access restrictions due to improper handling of the umask when using the mount utility.

Recommendations For mountall version 1.54, update to a version that properly handles the umask to prevent access restriction bypass.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2014-1421

Affected Products

Mountall

PT-2014-4179 · Canonical · Mountall

CVE-2014-1421

Weakness Enumeration

Related Identifiers

Affected Products

References · 2