
REDHAT-BUG-559579

First published: Thu Jan 28 2010

It was found that glibc's utility responsible for editing the system's mtab table improperly sanitized user-supplied mount point names containing certain special characters. A local attacker could use this flaw to add arbitrary mount points (corrupting the system's "/etc/mtab" file) or, potentially, to set unauthorized mount options. Other attacks are also possible.

Issue severity note:

The /etc/mtab file tracks mounted devices and is automatically updated by the mount command (more precisely, by the dedicated "mount" tool for the relevant filesystem). For an unprivileged user to be able to run such a tool (and modify the content of /etc/mtab), the tool needs to be suid root enabled. The dedicated "mount" tools as shipped with Red Hat Enterprise Linux (mount.cifs, mount.fuse, fusermount, mount.nfs, mount.nfs4) do NOT allow an unprivileged user to use them for editing the system's /etc/mtab file without a prior grant of additional privileges from a privileged user, which mitigates the impact of this flaw.
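
The encoding step a writer of mtab-style records needs, as an added example (not glibc's or Red Hat's code): each string field is octal-escaped before it is written, so a mount point name cannot introduce extra fields or records. The escape set (space, tab, newline, backslash), the function names and the sample values are assumptions; the advisory does not name the characters involved.

```c
#include <stdio.h>
#include <string.h>

/* Octal-escape the bytes that separate fields or records in an mtab-style
 * line (space, tab, newline) and the escape byte itself (backslash).
 * Returns the encoded length, or -1 if `out` is too small. */
static int mtab_encode_field(const char *in, char *out, size_t outsz)
{
    size_t o = 0;
    if (outsz == 0) return -1;
    for (; *in; in++) {
        unsigned char c = (unsigned char)*in;
        if (c == ' ' || c == '\t' || c == '\n' || c == '\\') {
            if (o + 4 >= outsz) return -1;      /* 4 bytes + NUL must fit */
            o += (size_t)snprintf(out + o, outsz - o, "\\%03o", (unsigned)c);
        } else {
            if (o + 1 >= outsz) return -1;
            out[o++] = (char)c;
        }
    }
    out[o] = '\0';
    return (int)o;
}

/* Build one "fsname dir type opts 0 0\n" record with every string field
 * encoded. Returns 0 on success, -1 if a field or the line does not fit. */
static int mtab_format_entry(const char *fsname, const char *dir,
                             const char *type, const char *opts,
                             char *line, size_t linesz)
{
    char f[4][256];
    const char *src[4] = { fsname, dir, type, opts };
    for (int i = 0; i < 4; i++)
        if (mtab_encode_field(src[i], f[i], sizeof f[i]) < 0) return -1;
    int n = snprintf(line, linesz, "%s %s %s %s 0 0\n", f[0], f[1], f[2], f[3]);
    return (n < 0 || (size_t)n >= linesz) ? -1 : 0;
}

/* Count occurrences of byte c in s (used to check the record shape). */
static int count_char(const char *s, char c)
{ int n = 0; for (; *s; s++) if (*s == c) n++; return n; }

int main(void)
{
    char line[1024];   /* constructed sample: name with a space and a newline */
    if (mtab_format_entry("/dev/sdb1", "/mnt/my disk\nextra", "ext3", "rw",
                          line, sizeof line) == 0)
        fputs(line, stdout);
    return 0;
}
```

The record written for the constructed name still has exactly one newline and five field separators, so a parser reads it as a single entry with six fields.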

Affected Software | Affected Version | How to fix
GNU C Library (glibc) | |
Red Hat Enterprise Linux | |


Frequently Asked Questions

  • What is the severity of REDHAT-BUG-559579?

    The severity of REDHAT-BUG-559579 is considered to be high, as it allows local attackers to manipulate the mtab file.

  • How do I fix REDHAT-BUG-559579?

    To fix REDHAT-BUG-559579, you should upgrade to the latest version of glibc that resolves this vulnerability.

  • Who is affected by REDHAT-BUG-559579?

    REDHAT-BUG-559579 affects systems running the GNU C Library (glibc) and Red Hat Enterprise Linux.

  • What is the nature of the vulnerability in REDHAT-BUG-559579?

    The vulnerability in REDHAT-BUG-559579 is due to improper sanitization of user-supplied mount point names in the mtab file.

  • Can REDHAT-BUG-559579 be exploited remotely?

    No, REDHAT-BUG-559579 requires local access for an attacker to exploit the vulnerability.
