Lucene search
HistoryFeb 15, 2014 - 2:57 p.m.
CVE-2011-1832
cve-2011-1832
ecryptfs-utils
mountpoint permissions
umount system call
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
AI Score
8.4
Confidence
High
EPSS
0
Percentile
5.1%
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call.
Affected configurations
Node
ecryptfsecryptfs-utilsRange≤89
ORecryptfsecryptfs-utilsMatch62
ORecryptfsecryptfs-utilsMatch63
ORecryptfsecryptfs-utilsMatch64
ORecryptfsecryptfs-utilsMatch65
ORecryptfsecryptfs-utilsMatch66
ORecryptfsecryptfs-utilsMatch67
ORecryptfsecryptfs-utilsMatch68
ORecryptfsecryptfs-utilsMatch69
ORecryptfsecryptfs-utilsMatch70
ORecryptfsecryptfs-utilsMatch71
ORecryptfsecryptfs-utilsMatch72
ORecryptfsecryptfs-utilsMatch73
ORecryptfsecryptfs-utilsMatch74
ORecryptfsecryptfs-utilsMatch75
ORecryptfsecryptfs-utilsMatch76
ORecryptfsecryptfs-utilsMatch77
ORecryptfsecryptfs-utilsMatch78
ORecryptfsecryptfs-utilsMatch79
ORecryptfsecryptfs-utilsMatch80
ORecryptfsecryptfs-utilsMatch81
ORecryptfsecryptfs-utilsMatch82
ORecryptfsecryptfs-utilsMatch83
ORecryptfsecryptfs-utilsMatch84
ORecryptfsecryptfs-utilsMatch85
ORecryptfsecryptfs-utilsMatch86
ORecryptfsecryptfs-utilsMatch87
ORecryptfsecryptfs_utilsMatch58
ORecryptfsecryptfs_utilsMatch59
ORecryptfsecryptfs_utilsMatch60
ORecryptfsecryptfs_utilsMatch61
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ecryptfs | ecryptfs-utils | 68 | cpe:/a:ecryptfs:ecryptfs-utils:68::: |
| ecryptfs | ecryptfs-utils | 63 | cpe:/a:ecryptfs:ecryptfs-utils:63::: |
| ecryptfs | ecryptfs-utils | 78 | cpe:/a:ecryptfs:ecryptfs-utils:78::: |
| ecryptfs | ecryptfs-utils | 82 | cpe:/a:ecryptfs:ecryptfs-utils:82::: |
| ecryptfs | ecryptfs-utils | 62 | cpe:/a:ecryptfs:ecryptfs-utils:62::: |
| ecryptfs | ecryptfs-utils | 73 | cpe:/a:ecryptfs:ecryptfs-utils:73::: |
| ecryptfs | ecryptfs-utils | 75 | cpe:/a:ecryptfs:ecryptfs-utils:75::: |
| ecryptfs | ecryptfs-utils | 81 | cpe:/a:ecryptfs:ecryptfs-utils:81::: |
| ecryptfs | ecryptfs-utils | cpe:/a:ecryptfs:ecryptfs-utils:::: | |
| ecryptfs | ecryptfs-utils | 87 | cpe:/a:ecryptfs:ecryptfs-utils:87::: |
Related
prion
prion
Information disclosure
2014-02-15 14:57:00
debiancve
debiancve
CVE-2011-1832
2014-02-15 14:57:06
ubuntucve
ubuntucve
CVE-2011-1832
2011-08-09 00:00:00
nvd
nvd
CVE-2011-1832
2014-02-15 14:57:06
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:02:45
cvelist
cvelist
CVE-2011-1832
2014-02-15 11:00:00
openvas
openvas
Debian Security Advisory DSA 2382-1 (ecryptfs-utils)
2012-02-11 00:00:00
Debian: Security Advisory (DSA-2382-1)
2012-02-11 00:00:00
Fedora Update for ecryptfs-utils FEDORA-2011-10718
2011-09-07 00:00:00
osv
osv
ecryptfs-utils - multiple
2012-01-07 00:00:00
suse
suse
ecryptfs-utils: Update to fix various symlink race attacks (important)
2011-08-12 21:08:14
Security update for ecryptfs-utils (important)
2011-08-12 06:08:16
nessus
nessus
Oracle Linux 5 / 6 : ecryptfs-utils (ELSA-2011-1241)
2013-07-12 00:00:00
openSUSE Security Update : ecryptfs-utils (openSUSE-SU-2011:0902-1)
2014-06-13 00:00:00
openSUSE Security Update : ecryptfs-utils (openSUSE-SU-2011:0902-1)
2014-06-13 00:00:00
debian
debian
[SECURITY] [DSA 2382-1] ecryptfs-utils security update
2012-01-07 18:48:38
fedora
fedora
[SECURITY] Fedora 15 Update: ecryptfs-utils-90-1.fc15
2011-09-02 05:25:53
[SECURITY] Fedora 14 Update: ecryptfs-utils-90-1.fc14
2011-09-02 05:31:16
[SECURITY] Fedora 16 Update: ecryptfs-utils-90-1.fc16
2011-09-07 03:42:14
securityvulns
securityvulns
[USN-1188-1] eCryptfs vulnerabilities
2011-08-11 00:00:00
eCryptfs multiple security vulnerabilities
2011-08-24 00:00:00
centos
centos
ecryptfs security update
2011-09-01 16:11:04
redhat
redhat
(RHSA-2011:1241) Moderate: ecryptfs-utils security update
2011-08-31 00:00:00
ubuntu
ubuntu
eCryptfs vulnerabilities
2011-08-09 00:00:00
oraclelinux
oraclelinux
ecryptfs-utils security update
2011-08-31 00:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
AI Score
8.4
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2011-1832