Published: 15/02/2014 Updated: 08/03/2014

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

utils/ecryptfs-recover-private in ecryptfs-utils prior to 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ecryptfs ecryptfs-utils 65
ecryptfs ecryptfs-utils 62
ecryptfs ecryptfs-utils 70
ecryptfs ecryptfs-utils 71
ecryptfs ecryptfs-utils 78
ecryptfs ecryptfs-utils 79
ecryptfs ecryptfs-utils 86
ecryptfs ecryptfs-utils 87
ecryptfs ecryptfs-utils 66
ecryptfs ecryptfs-utils 74
ecryptfs ecryptfs-utils 75
ecryptfs ecryptfs-utils 82
ecryptfs ecryptfs-utils 83
ecryptfs ecryptfs utils 60
ecryptfs ecryptfs utils 59
ecryptfs ecryptfs utils 58
ecryptfs ecryptfs-utils 67
ecryptfs ecryptfs-utils 68
ecryptfs ecryptfs-utils 69
ecryptfs ecryptfs-utils 76
ecryptfs ecryptfs-utils 77
ecryptfs ecryptfs-utils 84
ecryptfs ecryptfs-utils 85
ecryptfs ecryptfs-utils 63
ecryptfs ecryptfs-utils 64
ecryptfs ecryptfs-utils 72
ecryptfs ecryptfs-utils 73
ecryptfs ecryptfs-utils 80
ecryptfs ecryptfs-utils 81
ecryptfs ecryptfs-utils
ecryptfs ecryptfs utils 61

eCryptfs could be tricked into mounting and unmounting arbitrary locations, and possibly disclose confidential information ...

CWE-264 https://bugzilla.redhat.com/show_bug.cgi?id=729465 https://launchpad.net/ecryptfs/+download http://www.ubuntu.com/usn/USN-1188-1 http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html https://usn.ubuntu.com/1188-1/https://nvd.nist.gov

CVE-2011-1836

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect