Computer Security
[EN] securityvulns.ru no-pyccku


fuse NTFS-3G privilege escalation
Published:25.05.2015
Source:
SecurityVulns ID:14501
Type:local
Threat Level:
5/10
Description:Insufficient filtering of environment variables.
Affected:FUSE : ntfs-3g 2014.2
CVE:CVE-2015-3202 (fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 3268-1] ntfs-3g security update (25.05.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod