Vulnerability Name: CVE-2005-2876 (CCN-22241)
Assigned: 2005-09-12
Published: 2005-09-12
Updated: 2018-10-19
Summary: umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just the read-only flag, which effectively clears the nosuid, nodev, and other flags.
CVSS v3 Severity:
9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v2 Severity:
7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Privileges
References:
Source: MITRE Type: CNA CVE-2005-2876
Source: BUGTRAQ Type: UNKNOWN 20050912 util-linux: unintentional grant of privileges by umount
Source: TRUSTIX Type: UNKNOWN 2005-0049
Source: CCN Type: BugTraq Mailing List, 2005-09-12 20:16:32 util-linux: unintentional grant of privileges by umount
Source: CCN Type: RHSA-2005-782 util-linux and mount security update
Source: CCN Type: SA16785 util-linux umount "-r" Re-Mounting Security Issue
Source: SECUNIA Type: UNKNOWN 16785
Source: SECUNIA Type: UNKNOWN 16988
Source: SECUNIA Type: UNKNOWN 17004
Source: SECUNIA Type: UNKNOWN 17027
Source: CCN Type: SA17133 Sun Java Desktop System umount "-r" Re-Mounting Security Issue
Source: SECUNIA Type: UNKNOWN 17133
Source: SECUNIA Type: UNKNOWN 17154
Source: CCN Type: SA18502 Avaya Products util-linux / mount Security Issue and Vulnerability
Source: SECUNIA Type: UNKNOWN 18502
Source: SUNALERT Type: UNKNOWN 101960
Source: MISC Type: UNKNOWN http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm
Source: CCN Type: ASA-2006-014 util-linux and mount security update (RHSA-2005-782)
Source: DEBIAN Type: UNKNOWN DSA-823
Source: DEBIAN Type: UNKNOWN DSA-825
Source: DEBIAN Type: DSA-823 util-linux -- privilege escalation
Source: DEBIAN Type: DSA-825 loop-aes-utils -- privilege escalation
Source: CCN Type: GLSA-200509-15 util-linux: umount command validation error
Source: CCN Type: The Linux Kernel Archives Web site Index of /pub/linux/utils/util-linux/testing
Source: SUSE Type: UNKNOWN SUSE-SR:2005:021
Source: OSVDB Type: UNKNOWN 19369
Source: CCN Type: OSVDB ID: 19369 util-linux umount -r Mount Option Removal Restriction Bypass
Source: FEDORA Type: UNKNOWN FLSA:168326
Source: BID Type: UNKNOWN 14816
Source: CCN Type: BID-14816 Util-Linux UMount Remounting Filesystem Option Clearing Vulnerability
Source: CCN Type: BID-16280 Util-Linux Script Command Arbitrary File Overwrite Vulnerability
Source: CCN Type: USN-184-1 umount vulnerability
Source: UBUNTU Type: UNKNOWN USN-184
Source: XF Type: UNKNOWN utillinux-umount-gain-privileges(22241)
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:10921
Source: SUSE Type: SUSE-SR:2005:021 SUSE Security Summary Report
Vulnerable Configuration: Configuration 1: Configuration RedHat 1: Denotes that component is vulnerable