CVE-2005-2876

Published: 13/09/2005 Updated: 19/10/2018
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just the read-only flag, which effectively clears the nosuid, nodev, and other flags.

Vulnerable Product

andries brouwer util-linux 2.11f

andries brouwer util-linux 2.11n

andries brouwer util-linux 2.11q

andries brouwer util-linux 2.12b

andries brouwer util-linux 2.12i

andries brouwer util-linux 2.13_pre2

andries brouwer util-linux 2.8.1_alpha

andries brouwer util-linux 2.10f

andries brouwer util-linux 2.11x

andries brouwer util-linux 2.11y

andries brouwer util-linux 2.12o

andries brouwer util-linux 2.12p

andries brouwer util-linux 2.9w

andries brouwer util-linux 2.11r

andries brouwer util-linux 2.11w

andries brouwer util-linux 2.12j

andries brouwer util-linux 2.12k

andries brouwer util-linux 2.8_12

andries brouwer util-linux 2.9i

andries brouwer util-linux 2.10m

andries brouwer util-linux 2.10p

andries brouwer util-linux 2.11z

andries brouwer util-linux 2.12a

andries brouwer util-linux 2.12q

andries brouwer util-linux 2.13_pre1

Vendor Advisories

Synopsis: util-linux and mount security update. Type/Severity: Security Advisory: Moderate. Topic: Updated util-linux and mount packages that fix two security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Description T ...
David Watson discovered that “umount -r” removed some restrictive mount options like the “nosuid” flag. If /etc/fstab contains user-mountable removable devices which specify the “nosuid” flag (which is common practice for such devices), a local attacker could exploit this to execute arbitrary programs with root privileges by calling “ ...
David Watson discovered a bug in mount as provided by util-linux and other packages such as loop-aes-utils that allows local users to bypass filesystem access restrictions by re-mounting it read-only. For the old stable distribution (woody) this problem has been fixed in version 211n-7woody1. For the stable distribution (sarge) this problem has be ...