Linux mount / umount privilege escalation
Published:		10.10.2007
Source:		BUGTRAQ
SecurityVulns ID:		8230
Type:		local
Level:		6/10
Description:		Invalid order of setuid / setgid calls and unchecked return value.

CVE:

CVE-2007-5191 (mount and umount in util-linux call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.)

Original document

RPATH, rPSA-2007-0212-1 util-linux (10.10.2007)

Discuss:

Read or add your comments to this news (0 comments)