7 results (0.032 seconds)

CVSS: 4.6EPSS: 0%CPEs: 31EXPL: 0

CVE-2011-1834 – ecryptfs: multiple flaws to mount/umount arbitrary locations and possibly disclose confidential information

https://notcve.org/view.php?id=CVE-2011-1834

utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount system call. utils/mount.ecryptfs_private.c en ecryptfs-utils anterior a 90 no mantiene debidamente el archivo mtab durante condiciones de error, lo que permite a usuarios locales causar una denegación de servicio (corrupción de tabla) o evadir restricciones de desmontaje a través de una llamada al sistema umount. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html http://www.ubuntu.com/usn/USN-1188-1 https://bugzilla.redhat.com/show_bug.cgi?id=729465 https://launchpad.net/ecryptfs/+download https://access.redhat.com/security/cve/CVE-2011-1834 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.6EPSS: 0%CPEs: 31EXPL: 0

CVE-2011-1832 – ecryptfs: multiple flaws to mount/umount arbitrary locations and possibly disclose confidential information

https://notcve.org/view.php?id=CVE-2011-1832

utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call. utils/mount.ecryptfs_private.c en ecryptfs-utils anterior a 90 no comprueba debidamente los permisos del punto de montaje, lo que permite a usuarios locales eliminar directorios a través de una llamada al sistema umount. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html http://www.ubuntu.com/usn/USN-1188-1 https://bugzilla.redhat.com/show_bug.cgi?id=729465 https://launchpad.net/ecryptfs/+download https://access.redhat.com/security/cve/CVE-2011-1832 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.6EPSS: 0%CPEs: 31EXPL: 0

CVE-2011-1835 – ecryptfs: multiple flaws to mount/umount arbitrary locations and possibly disclose confidential information

https://notcve.org/view.php?id=CVE-2011-1835

The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps. El proceso de configuración de directorio privado cifrado en utils/ecryptfs-setup-private en ecryptfs-utils anterior a 90 no asegura debidamente que el archivo passphrase es creado, lo que podría permitir a usuarios locales evadir las restricciones de acceso en cierto momento en los pasos de creación de un nuevo usuario. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html http://www.ubuntu.com/usn/USN-1188-1 https://bugzilla.redhat.com/show_bug.cgi?id=729465 https://launchpad.net/ecryptfs/+download https://access.redhat.com/security/cve/CVE-2011-1835 • CWE-255: Credentials Management Errors •

CVSS: 4.6EPSS: 0%CPEs: 31EXPL: 0

CVE-2011-1831 – ecryptfs: multiple flaws to mount/umount arbitrary locations and possibly disclose confidential information

https://notcve.org/view.php?id=CVE-2011-1831

utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call. utils/mount.ecryptfs_private.c en ecryptfs-utils anterior a 90 no comprueba debidamente los permisos del punto de montaje, lo que permite a usuarios locales reemplazar efectivamente cualquier directorio con un sistema de archivos nuevo, y en consecuencia ganar privilegios, a través de una llamada al sistema mount. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html http://www.ubuntu.com/usn/USN-1188-1 https://bugzilla.redhat.com/show_bug.cgi?id=729465 https://launchpad.net/ecryptfs/+download https://access.redhat.com/security/cve/CVE-2011-1831 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.6EPSS: 0%CPEs: 31EXPL: 0

CVE-2011-1837 – ecryptfs: multiple flaws to mount/umount arbitrary locations and possibly disclose confidential information

https://notcve.org/view.php?id=CVE-2011-1837

The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors. La implementación lock-counter en utils/mount.ecryptfs_private.c en ecryptfs-utils anterior a 90 permite a usuarios locales sobreescribir archivos arbitrarios a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html http://www.ubuntu.com/usn/USN-1188-1 https://bugzilla.redhat.com/show_bug.cgi?id=729465 https://launchpad.net/ecryptfs/+download https://access.redhat.com/security/cve/CVE-2011-1837 • CWE-264: Permissions, Privileges, and Access Controls •