mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.
CPE | Name | Operator | Version |
---|---|---|---|
ubuntu_linux | eq | 7.04 | |
ubuntu_linux | eq | 6.10 | |
ubuntu_linux | eq | 6.06 | |
debian_linux | eq | 3.1 | |
fedora | eq | 7 | |
util-linux | le | 2.13.1.1 |
bugs.gentoo.org/show_bug.cgi?id=195390
frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198
git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=ebbeb2c7ac1b00b6083905957837a271e80b187e
lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html
lists.vmware.com/pipermail/security-announce/2008/000002.html
secunia.com/advisories/27104
secunia.com/advisories/27122
secunia.com/advisories/27145
secunia.com/advisories/27188
secunia.com/advisories/27283
secunia.com/advisories/27354
secunia.com/advisories/27399
secunia.com/advisories/27687
secunia.com/advisories/28348
secunia.com/advisories/28349
secunia.com/advisories/28368
secunia.com/advisories/28469
security.gentoo.org/glsa/glsa-200710-18.xml
support.avaya.com/elmodocs2/security/ASA-2008-023.htm
www.debian.org/security/2008/dsa-1449
www.debian.org/security/2008/dsa-1450
www.redhat.com/support/errata/RHSA-2007-0969.html
www.securityfocus.com/archive/1/485936/100/0/threaded
www.securityfocus.com/archive/1/486859/100/0/threaded
www.securityfocus.com/bid/25973
www.securitytracker.com/id?1018782
www.ubuntu.com/usn/usn-533-1
www.vmware.com/security/advisories/VMSA-2008-0001.html
www.vupen.com/english/advisories/2007/3417
www.vupen.com/english/advisories/2008/0064
bugzilla.redhat.com/show_bug.cgi?id=320041
issues.rpath.com/browse/RPL-1757
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10101
www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.html