CVE-2011-1676

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2011-1676
mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations.

3.3 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:M/Au:N/C:P/I:P/A:N

Exploitability : 3.4 / Impact : 4.9

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://openwall.com/lists/oss-security/2011/03/14/16
http://openwall.com/lists/oss-security/2011/03/14/7
http://openwall.com/lists/oss-security/2011/03/15/6
http://openwall.com/lists/oss-security/2011/03/31/3 Exploit
http://openwall.com/lists/oss-security/2011/03/04/11
http://openwall.com/lists/oss-security/2011/03/04/10
http://openwall.com/lists/oss-security/2011/03/04/9
http://openwall.com/lists/oss-security/2011/03/07/9
http://openwall.com/lists/oss-security/2011/04/01/2
https://bugzilla.redhat.com/show_bug.cgi?id=688980 Exploit
http://openwall.com/lists/oss-security/2011/03/05/7
http://openwall.com/lists/oss-security/2011/03/05/3
http://openwall.com/lists/oss-security/2011/03/22/4
http://openwall.com/lists/oss-security/2011/03/14/5
http://openwall.com/lists/oss-security/2011/03/04/12
http://openwall.com/lists/oss-security/2011/03/31/4
http://openwall.com/lists/oss-security/2011/03/22/6
https://exchange.xforce.ibmcloud.com/vulnerabilities/66704
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:linux:util-linux:*:*:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.18:*:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.12:pre:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.11:*:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.13:*:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.13:pre:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.12:*:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.5:*:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.2:*:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.17:*:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.16:*:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.10:*:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.14:*:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.8:*:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.7:*:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.9:*:*:*:*:*:*:*
cpe:2.3:a:linux:util-linux:2.15:*:*:*:*:*:*:*
Information

Published : 2011-04-09 19:55

Updated : 2017-08-16 18:34

NVD link : CVE-2011-1676

Mitre link : CVE-2011-1676

JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa
Products Affected

linux

  • util-linux