SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Welcome to SecurityTracker!
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Generic)  >  Util-linux Vendors:  kernel.org
Util-linux mount/umount Privilege Bug Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1018782
SecurityTracker URL:  http://securitytracker.com/id?1018782
CVE Reference:  CVE-2007-5191   (Links to External Site)
Date:  Oct 9 2007
Impact:  Root access via local system, User access via local system
Fix Available:  Yes   Vendor Confirmed:  Yes  
Description:  A vulnerability was reported in Util-linux. A local user can obtain elevated privileges on the target system.

The mount and umount functions do not properly drop permissions after calling set user id (setuid) and set group id (setgid) helper functions, such as 'mount.nfs'.

A local user can exploit this to execute arbitrary commands on the target system with elevated privileges.
Impact:  A local user can obtain elevated privileges on the target system.
Solution:  A source code fix is available.

The vendor's advisory is available at:

http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e
Cause:  Access control error, State error
Underlying OS:  Linux (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Nov 16 2007 (Red Hat Issues Fix) Util-linux mount/umount Privilege Bug Lets Local Users Gain Elevated Privileges   (bugzilla@redhat.com)
Red Hat has released a fix for Red Hat Enterprise Linux 3, 4, and 5.
Jan 8 2008 (VMware Issues Fix) Util-linux mount/umount Privilege Bug Lets Local Users Gain Elevated Privileges   (VMware Security team <security@vmware.com>)
VMware has issued a fix for ESX Server 3.0.1 and 3.0.2.


 Source Message Contents
Date:  Tue, 9 Oct 2007 08:25:00 -0400
Subject:  util-linux

 
 
CVE-2007-5191
 
http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b608390595783
7a271e80b187e


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2007, SecurityGlobal.net LLC