Total
7 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-5188 | 1 Ecryptfs | 1 Ecryptfs Utils | 2017-09-28 | 7.2 HIGH | N/A |
The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and (3) ecryptfs-setup-pam-wrapped.sh scripts in ecryptfs-utils 45 through 61 in eCryptfs place cleartext passwords on command lines, which allows local users to obtain sensitive information by listing the process. | |||||
CVE-2011-1831 | 1 Ecryptfs | 2 Ecryptfs-utils, Ecryptfs Utils | 2014-03-07 | 4.6 MEDIUM | N/A |
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call. | |||||
CVE-2011-1832 | 1 Ecryptfs | 2 Ecryptfs-utils, Ecryptfs Utils | 2014-03-07 | 2.1 LOW | N/A |
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call. | |||||
CVE-2011-1834 | 1 Ecryptfs | 2 Ecryptfs-utils, Ecryptfs Utils | 2014-03-07 | 2.1 LOW | N/A |
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount system call. | |||||
CVE-2011-1835 | 1 Ecryptfs | 2 Ecryptfs-utils, Ecryptfs Utils | 2014-03-07 | 4.4 MEDIUM | N/A |
The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps. | |||||
CVE-2011-1836 | 1 Ecryptfs | 2 Ecryptfs-utils, Ecryptfs Utils | 2014-03-07 | 4.6 MEDIUM | N/A |
utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process. | |||||
CVE-2011-1837 | 1 Ecryptfs | 2 Ecryptfs-utils, Ecryptfs Utils | 2014-03-07 | 3.6 LOW | N/A |
The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors. |