CVE-2007-5191

Related Files

VMware Security Advisory 2008-0001.1

Posted Jan 24, 2008

Authored by VMware | Site vmware.com

VMware Security Advisory - There is an OpenPegasus PAM authentication buffer overflow and updated service console packages are available.

tags | advisory, overflow

advisories | CVE-2007-5360, CVE-2007-5398, CVE-2007-4572, CVE-2007-5191, CVE-2007-5116, CVE-2007-3108, CVE-2007-5135

SHA-256 | 483d9d8f7624eaf97e973bf1a873f074836e2faa50411880fd4a74ea047d49c1

Download | Favorite | View

VMware Security Advisory 2008-0001

Posted Jan 8, 2008

Authored by VMware | Site vmware.com

VMware Security Advisory - Alexander Sotirov from VMware Security Research discovered a buffer overflow vulnerability in the OpenPegasus Management server. Additionally, various service console packages have been updated.

tags | advisory, overflow

advisories | CVE-2007-5360, CVE-2007-5398, CVE-2007-4572, CVE-2007-5191, CVE-2007-5116, CVE-2007-3108, CVE-2007-5135

SHA-256 | be7e78ccb4f20704221fb7366e2271392d4aa26ec0d833801cc6ea984541e69f

Download | Favorite | View

Debian Linux Security Advisory 1450-1

Posted Jan 6, 2008

Authored by Debian | Site debian.org

Debian Security Advisory 1450-1 - It was discovered that util-linux, Miscellaneous system utilities, did not drop privileged users and groups in the correct order in the mount and umount commands. This could potentially allow a local user to gain additional privileges.

tags | advisory, local

systems | linux, debian

advisories | CVE-2007-5191

SHA-256 | 4734fc3adec246db57dff268bd354db2f13d0fcb4816a74542256e9fba9110ac

Download | Favorite | View

Debian Linux Security Advisory 1449-1

Posted Jan 6, 2008

Authored by Debian | Site debian.org

Debian Security Advisory 1449-1 - It was discovered that loop-aes-utils, tools for mounting and manipulating filesystems, didn't drop privileged users and groups in the correct order in the mount and umount commands. This could potentially allow a local user to gain additional privileges.

tags | advisory, local

systems | linux, debian

advisories | CVE-2007-5191

SHA-256 | 7ba837b3c03fe2093d868d969cfff17ad96234f1fbca2104edfba253113b86c4

Download | Favorite | View

Ubuntu Security Notice 533-1

Posted Oct 23, 2007

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 533-1 - Ludwig Nussel discovered that mount and umount did not properly drop privileges when using helper programs. Local attackers may be able to bypass security restrictions and gain root privileges using programs such as mount.nfs or mount.cifs.

tags | advisory, local, root

systems | linux, ubuntu

advisories | CVE-2007-5191

SHA-256 | 452e663fa6ac02624ced4b9e311d931598da9b08d6c91f7ebe13d2f56c4521f4

Download | Favorite | View

Gentoo Linux Security Advisory 200710-18

Posted Oct 18, 2007

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-18 - Ludwig Nussel discovered that the check_special_mountprog() and check_special_umountprog() functions call setuid() and setgid() in the wrong order and do not check the return values, which can lead to privileges being dropped improperly. Versions less than 2.12r-r8 are affected.

tags | advisory

systems | linux, gentoo

advisories | CVE-2007-5191

SHA-256 | 50f3319e4e75be09131765eacc9544265c63c59560154b3055e4fb1df1ac3acc

Download | Favorite | View

Mandriva Linux Security Advisory 2007.198

Posted Oct 16, 2007

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The mount and umount programs in util-linux called the setuid() and setgid() functions in the wrong order and did not check the return values, which could allow attackers to grain privileges via helper applications such as mount.nfs.

tags | advisory

systems | linux, mandriva

advisories | CVE-2007-5191

SHA-256 | 0eda8e230b5744477117303ec526fad47744d0cde3481d188716d2398ad9472e

Download | Favorite | View