7.2

CVE-2007-5191

mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
KernelUtil-linux Version <= 2.13.1.1
FedoraprojectFedora Version7
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version6.10
CanonicalUbuntu Linux Version7.04
DebianDebian Linux Version3.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.44% 0.349
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-252 Unchecked Return Value

The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

http://lists.vmware.com/pipermail/security-announce/2008/000002.html
Third Party Advisory
http://secunia.com/advisories/28368
Third Party Advisory
http://www.securityfocus.com/archive/1/485936/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/486859/100/0/threaded
Third Party Advisory
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2008-0001.html
Third Party Advisory
http://www.vupen.com/english/advisories/2008/0064
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/27399
Third Party Advisory
http://bugs.gentoo.org/show_bug.cgi?id=195390
Third Party Advisory
Issue Tracking
http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198
Third Party Advisory
http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=ebbeb2c7ac1b00b6083905957837a271e80b187e
http://secunia.com/advisories/27104
Third Party Advisory
http://secunia.com/advisories/27122
Third Party Advisory
http://secunia.com/advisories/27145
Third Party Advisory
http://secunia.com/advisories/27188
Third Party Advisory
http://secunia.com/advisories/27283
Third Party Advisory
http://secunia.com/advisories/27354
Third Party Advisory
http://secunia.com/advisories/27687
Third Party Advisory
http://secunia.com/advisories/28348
Third Party Advisory
http://secunia.com/advisories/28349
Third Party Advisory
http://secunia.com/advisories/28469
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200710-18.xml
Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2008-023.htm
Third Party Advisory
http://www.debian.org/security/2008/dsa-1449
Third Party Advisory
http://www.debian.org/security/2008/dsa-1450
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0969.html
Third Party Advisory
http://www.securityfocus.com/bid/25973
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1018782
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/usn-533-1
Third Party Advisory
http://www.vupen.com/english/advisories/2007/3417
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=320041
Third Party Advisory
Issue Tracking
https://issues.rpath.com/browse/RPL-1757
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10101
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.html
Third Party Advisory