mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
21 Nov 2024, 00:37
Type | Values Removed | Values Added |
---|---|---|
References | () http://bugs.gentoo.org/show_bug.cgi?id=195390 - Issue Tracking, Third Party Advisory | |
References | () http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198 - Third Party Advisory | |
References | () http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=ebbeb2c7ac1b00b6083905957837a271e80b187e - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html - Mailing List, Third Party Advisory | |
References | () http://lists.vmware.com/pipermail/security-announce/2008/000002.html - Third Party Advisory | |
References | () http://secunia.com/advisories/27104 - Third Party Advisory | |
References | () http://secunia.com/advisories/27122 - Third Party Advisory | |
References | () http://secunia.com/advisories/27145 - Third Party Advisory | |
References | () http://secunia.com/advisories/27188 - Third Party Advisory | |
References | () http://secunia.com/advisories/27283 - Third Party Advisory | |
References | () http://secunia.com/advisories/27354 - Third Party Advisory | |
References | () http://secunia.com/advisories/27399 - Third Party Advisory | |
References | () http://secunia.com/advisories/27687 - Third Party Advisory | |
References | () http://secunia.com/advisories/28348 - Third Party Advisory | |
References | () http://secunia.com/advisories/28349 - Third Party Advisory | |
References | () http://secunia.com/advisories/28368 - Third Party Advisory | |
References | () http://secunia.com/advisories/28469 - Third Party Advisory | |
References | () http://security.gentoo.org/glsa/glsa-200710-18.xml - Third Party Advisory | |
References | () http://support.avaya.com/elmodocs2/security/ASA-2008-023.htm - Third Party Advisory | |
References | () http://www.debian.org/security/2008/dsa-1449 - Third Party Advisory | |
References | () http://www.debian.org/security/2008/dsa-1450 - Third Party Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2007-0969.html - Third Party Advisory | |
References | () http://www.securityfocus.com/archive/1/485936/100/0/threaded - Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/archive/1/486859/100/0/threaded - Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/25973 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id?1018782 - Third Party Advisory, VDB Entry | |
References | () http://www.ubuntu.com/usn/usn-533-1 - Third Party Advisory | |
References | () http://www.vmware.com/security/advisories/VMSA-2008-0001.html - Third Party Advisory | |
References | () http://www.vupen.com/english/advisories/2007/3417 - Third Party Advisory | |
References | () http://www.vupen.com/english/advisories/2008/0064 - Third Party Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=320041 - Issue Tracking, Third Party Advisory | |
References | () https://issues.rpath.com/browse/RPL-1757 - Broken Link | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10101 - Third Party Advisory | |
References | () https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.html - Third Party Advisory |
Information
Published : 2007-10-04 16:17
Updated : 2024-11-21 00:37
NVD link : CVE-2007-5191
Mitre link : CVE-2007-5191
CVE.ORG link : CVE-2007-5191
JSON object : View
Products Affected
canonical
- ubuntu_linux
fedoraproject
- fedora
loop-aes-utils_project
- loop-aes-utils
debian
- debian_linux
kernel
- util-linux
CWE
CWE-252
Unchecked Return Value