Fuse DTSA (DTSA-27-1)

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@3325 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Neil McGovern <neilm@debian.org> 2006-01-20 11:24:15 +0000
committer: Neil McGovern <neilm@debian.org> 2006-01-20 11:24:15 +0000
commit: edf59ab093073ec3c68c0e707539ce373593879a (patch)
tree: afe30bbac74e698c6a78c10c707c7e5fa92571fd /data/DTSA/advs
parent: f2a9c07140fed4fd9ad48e56f947076a41a34b4a (diff)
1 files changed, 22 insertions, 0 deletions
diff --git a/data/DTSA/advs/27-fuse.adv b/data/DTSA/advs/27-fuse.adv
new file mode 100644
index 0000000000..e439eaee1b
--- /dev/null
+++ b/data/DTSA/advs/27-fuse.adv
@@ -0,0 +1,22 @@
+source: fuse
+date: Janurary 20th, 2006
+author: Neil McGovern
+vuln-type: potential data corruption when installed seduid root
+problem-scope: local
+debian-specifc: no
+cve: CVE-2005-3531
+vendor-advisory: 
+testing-fix: 2.3.0-4.2etch1
+sid-fix: 2.4.1-0.1
+upgrade: apt-get upgrade
+
+Thomas Biege discovered that fusermount in FUSE before 2.4.1, if installed
+setuid root, allows local users to corrupt /etc/mtab and possibly modify mount
+options by performing a mount over a directory whose name contains certain
+special characters
+
+Successful exploitation could result in a denial of service if mount options
+become unusable. An attacker can also exploit this issue to add arbitrary mount
+points that could grant the attacker read and possibly write access to
+otherwise restricted or privileged mount points. Other attacks are also
+possible.
author	Neil McGovern <neilm@debian.org>	2006-01-20 11:24:15 +0000
committer	Neil McGovern <neilm@debian.org>	2006-01-20 11:24:15 +0000
commit	edf59ab093073ec3c68c0e707539ce373593879a (patch)
tree	afe30bbac74e698c6a78c10c707c7e5fa92571fd /data/DTSA/advs
parent	f2a9c07140fed4fd9ad48e56f947076a41a34b4a (diff)