Computer Security
[EN] securityvulns.ru no-pyccku


FUSE symlink vulnerabilities
Published:04.05.2013
Source:
SecurityVulns ID:13046
Type:local
Threat Level:
5/10
Description:It's possible to umount any partition.
Affected:FUSE : fuse 2.8
CVE:CVE-2010-3879 (FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-0789.)
 CVE-2010-0789 (fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a symlink attack on a mountpoint.)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod