Computer Security
[EN] securityvulns.ru no-pyccku


loop-aes-utils / util-linux privilege escalation
Published:06.01.2008
Source:
SecurityVulns ID:8535
Type:local
Threat Level:
5/10
Description:Group privileges are not properly dropped.
Affected:LOOPEASUTILS : loop-aes-utils 2.12
 UTILLINUX : util-linux 2.12
CVE:CVE-2007-5191 (mount and umount in util-linux call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1450-1] New util-linux packages fix programming error (06.01.2008)
 documentDEBIAN, [SECURITY] [DSA 1449-1] New loop-aes-utils packages fix programming error (06.01.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod