author | Neil McGovern <neilm@debian.org> | 2006-01-20 11:24:15 +0000 |
---|---|---|
committer | Neil McGovern <neilm@debian.org> | 2006-01-20 11:24:15 +0000 |
commit | edf59ab093073ec3c68c0e707539ce373593879a (patch) | |
tree | afe30bbac74e698c6a78c10c707c7e5fa92571fd /data/DTSA/advs | |
parent | f2a9c07140fed4fd9ad48e56f947076a41a34b4a (diff) |
Fuse DTSA (DTSA-27-1)
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@3325 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/DTSA/advs')
-rw-r--r-- | data/DTSA/advs/27-fuse.adv | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/data/DTSA/advs/27-fuse.adv b/data/DTSA/advs/27-fuse.adv new file mode 100644 index 0000000000..e439eaee1b --- /dev/null +++ b/data/DTSA/advs/27-fuse.adv @@ -0,0 +1,22 @@ +source: fuse +date: Janurary 20th, 2006 +author: Neil McGovern +vuln-type: potential data corruption when installed seduid root +problem-scope: local +debian-specifc: no +cve: CVE-2005-3531 +vendor-advisory: +testing-fix: 2.3.0-4.2etch1 +sid-fix: 2.4.1-0.1 +upgrade: apt-get upgrade + +Thomas Biege discovered that fusermount in FUSE before 2.4.1, if installed +setuid root, allows local users to corrupt /etc/mtab and possibly modify mount +options by performing a mount over a directory whose name contains certain +special characters + +Successful exploitation could result in a denial of service if mount options +become unusable. An attacker can also exploit this issue to add arbitrary mount +points that could grant the attacker read and possibly write access to +otherwise restricted or privileged mount points. Other attacks are also +possible. |
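Review bot: The field key `debian-specifc:` in the header block is misspelled and should be `debian-specific:`; if the tooling that reads the .adv files matches on key names, this field may be silently ignored. Two header values in the same block also carry typos that will end up in the published advisory: `date: Janurary 20th, 2006` should read `January`, and `seduid` in `vuln-type:` should be `setuid`. The `vuln-type:` summary mentions only potential data corruption, while the body describes denial of service and read or write access to otherwise restricted mount points, so consider widening the summary to match. The first body paragraph ends at "special characters" without a full stop, and `vendor-advisory:` is empty; either add the reference or state that there is none.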