Computer Security
[EN] securityvulns.ru no-pyccku


autofs privilege escalation
Published:13.01.2008
Source:
SecurityVulns ID:8562
Type:local
Threat Level:
5/10
Description:nosuid and nodev flags are not specified for NFS.
Affected:AUTOFS : autofs 5.0
CVE:CVE-2007-6285 (The default configuration for autofs 5 (autofs5) on Red Hat Enterprise Linux (RHEL) 4 and 5 does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special device files on that server.)
 CVE-2007-5964

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod