CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
5.1%
The encrypted private-directory setup process in
utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly
ensure that the passphrase file is created, which might allow local users
to bypass intended access restrictions at a certain time in the new-user
creation steps.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | ecryptfs-utils | < 83-0ubuntu3.2.10.04.1 | UNKNOWN |
ubuntu | 10.10 | noarch | ecryptfs-utils | < 83-0ubuntu3.2.10.10.1 | UNKNOWN |
ubuntu | 11.04 | noarch | ecryptfs-utils | < 87-0ubuntu1.1 | UNKNOWN |