Page 2 of 7 results (0.003 seconds)

CVSS: 3.3EPSS: 0%CPEs: 25EXPL: 0

fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a symlink attack on a mountpoint. fusermount en FUSE anteriores a v2.7.5, y v2.8.x anteriores a v2.8.2, permite a usuarios locales desmontar sistemas de ficheros compartidos FUSE arbitrarios a través de un ataque de enlace simbólico en un punto de montaje. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567633 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034518.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034580.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/38261 http://secunia.com/ad • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 1

FUSE 2.x before 2.3.0 does not properly clear previously used memory from unfilled pages when the filesystem returns a short byte count to a read request, which may allow local users to obtain sensitive information. • https://www.exploit-db.com/exploits/25789 http://bugs.debian.org/311634 http://secunia.com/advisories/15561 http://secunia.com/advisories/16024 http://securitytracker.com/id?1014107 http://sourceforge.net/project/shownotes.php?release_id=331884 http://www.debian.org/security/2005/dsa-744 http://www.osvdb.org/17042 http://www.securityfocus.com/bid/13857 http://www.sven-tantau.de/public_files/fuse/fuse_20050603.txt •