First published: Thu Sep 20 2007(Updated: )
Common Vulnerabilities and Exposures assigned an identifier <a href="https://access.redhat.com/security/cve/CVE-2007-5191">CVE-2007-5191</a> to the following vulnerability: mount and umount in util-linux call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs. References: <a href="http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e">http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e</a>
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Kernel Util-linux | <=2.13.1.1 | |
Loop-aes-utils Project Loop-aes-utils | ||
Fedoraproject Fedora | =7 | |
Canonical Ubuntu Linux | =7.04 | |
Canonical Ubuntu Linux | =6.10 | |
Canonical Ubuntu Linux | =6.06 | |
Debian Debian Linux | =3.1 | |
redhat/2.13 | <0.54.1. | 0.54.1. |
redhat/util-linux | <0:2.12a-17.el4_6.1 | 0:2.12a-17.el4_6.1 |
redhat/util-linux | <0:2.13-0.45.el5_1.1 | 0:2.13-0.45.el5_1.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.