Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Производитель ПО
Наименование ПО
losetup
(Unknown)
Описание
Операции mount и umount в util-linux и loop-aes-utils вызывают функции setuid и setgid в неправильном порядке и не проверяют возвращаемые значения, что может позволить злоумышленникам повысить привилегии, используя helpers, например, mount.nfs.
Как исправить
Для устранения уязвимости необходимо установить последнюю версию продукта, соответствующую используемой платформе. Необходимую информацию можно получить по адресу:
https://rhn.redhat.com/errata/RHSA-2007-0969.html
https://rhn.redhat.com/errata/RHSA-2007-0969.html
Ссылки
FEDORA (FEDORA-2007-2462): https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.html
CONFIRM (https://issues.rpath.com/browse/RPL-1757): https://issues.rpath.com/browse/RPL-1757
CONFIRM (https://bugzilla.redhat.com/show_bug.cgi?id=320041): https://bugzilla.redhat.com/show_bug.cgi?id=320041
CONFIRM (http://www.vmware.com/security/advisories/VMSA-2008-0001.html): http://www.vmware.com/security/advisories/VMSA-2008-0001.html
UBUNTU (USN-533-1): http://www.ubuntu.com/usn/usn-533-1
SECTRACK (1018782): http://www.securitytracker.com/id?1018782
BID (25973): http://www.securityfocus.com/bid/25973
BUGTRAQ (20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages): http://www.securityfocus.com/archive/1/archive/1/486859/100/0/threaded
BUGTRAQ (20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages): http://www.securityfocus.com/archive/1/archive/1/485936/100/0/threaded
REDHAT (RHSA-2007:0969): http://www.redhat.com/support/errata/RHSA-2007-0969.html
VUPEN (ADV-2007-3417): http://www.frsirt.com/english/advisories/2007/3417
DEBIAN (DSA-1450): http://www.debian.org/security/2008/dsa-1450
DEBIAN (DSA-1449): http://www.debian.org/security/2008/dsa-1449
CONFIRM (http://support.avaya.com/elmodocs2/security/ASA-2008-023.htm): http://support.avaya.com/elmodocs2/security/ASA-2008-023.htm
GENTOO (GLSA-200710-18): http://security.gentoo.org/glsa/glsa-200710-18.xml
MLIST ([Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages): http://lists.vmware.com/pipermail/security-announce/2008/000002.html
SUSE (SUSE-SR:2007:022): http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html
CONFIRM (http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e): http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e
MANDRIVA (MDKSA-2007:198): http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198
CONFIRM (http://bugs.gentoo.org/show_bug.cgi?id=195390): http://bugs.gentoo.org/show_bug.cgi?id=195390
VUPEN (ADV-2008-0064): http://www.frsirt.com/english/advisories/2008/0064
CONFIRM (https://issues.rpath.com/browse/RPL-1757): https://issues.rpath.com/browse/RPL-1757
CONFIRM (https://bugzilla.redhat.com/show_bug.cgi?id=320041): https://bugzilla.redhat.com/show_bug.cgi?id=320041
CONFIRM (http://www.vmware.com/security/advisories/VMSA-2008-0001.html): http://www.vmware.com/security/advisories/VMSA-2008-0001.html
UBUNTU (USN-533-1): http://www.ubuntu.com/usn/usn-533-1
SECTRACK (1018782): http://www.securitytracker.com/id?1018782
BID (25973): http://www.securityfocus.com/bid/25973
BUGTRAQ (20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages): http://www.securityfocus.com/archive/1/archive/1/486859/100/0/threaded
BUGTRAQ (20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages): http://www.securityfocus.com/archive/1/archive/1/485936/100/0/threaded
REDHAT (RHSA-2007:0969): http://www.redhat.com/support/errata/RHSA-2007-0969.html
VUPEN (ADV-2007-3417): http://www.frsirt.com/english/advisories/2007/3417
DEBIAN (DSA-1450): http://www.debian.org/security/2008/dsa-1450
DEBIAN (DSA-1449): http://www.debian.org/security/2008/dsa-1449
CONFIRM (http://support.avaya.com/elmodocs2/security/ASA-2008-023.htm): http://support.avaya.com/elmodocs2/security/ASA-2008-023.htm
GENTOO (GLSA-200710-18): http://security.gentoo.org/glsa/glsa-200710-18.xml
MLIST ([Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages): http://lists.vmware.com/pipermail/security-announce/2008/000002.html
SUSE (SUSE-SR:2007:022): http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html
CONFIRM (http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e): http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e
MANDRIVA (MDKSA-2007:198): http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198
CONFIRM (http://bugs.gentoo.org/show_bug.cgi?id=195390): http://bugs.gentoo.org/show_bug.cgi?id=195390
VUPEN (ADV-2008-0064): http://www.frsirt.com/english/advisories/2008/0064