Back to search
CVE-2005-2876
Published: Sep 13, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just the read-only flag, which effectively clears the nosuid, nodev, and other flags.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
101960
vendor-advisory
x_refsource_SUNALERT
17133
third-party-advisory
x_refsource_SECUNIA
FLSA:168326
vendor-advisory
x_refsource_FEDORA
utillinux-umount-gain-privileges(22241)
vdb-entry
x_refsource_XF
19369
vdb-entry
x_refsource_OSVDB
DSA-823
vendor-advisory
x_refsource_DEBIAN
SUSE-SR:2005:021
vendor-advisory
x_refsource_SUSE
16785
third-party-advisory
x_refsource_SECUNIA
2005-0049
vendor-advisory
x_refsource_TRUSTIX
16988
third-party-advisory
x_refsource_SECUNIA
DSA-825
vendor-advisory
x_refsource_DEBIAN
17154
third-party-advisory
x_refsource_SECUNIA
USN-184
vendor-advisory
x_refsource_UBUNTU
http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm
x_refsource_MISC
18502
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:10921
vdb-entry
signature
x_refsource_OVAL
17027
third-party-advisory
x_refsource_SECUNIA
20050912 util-linux: unintentional grant of privileges by umount
mailing-list
x_refsource_BUGTRAQ
17004
third-party-advisory
x_refsource_SECUNIA
14816
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now