VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-2961
mountall: mountall.c in mountall before 2.15.2 uses 0666 perm...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2961

Original

mountall.c in mountall before 2.15.2 uses 0666 permissions for the root.rules file, which allows local users to gain privileges by modifying this file.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-09-14
Source Information Category:
Advisory, Alert
Last Updated:
2010-09-15




Affected Product Tags
cpe:/a:scott_james_remnant:mountall:1.0
cpe:/a:scott_james_remnant:mountall:2.14 and previous versions
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

X Local [?]
Adjacent Network [?]
Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
X Medium [?]
Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
[Integrity Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
[Availability Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
Alternatives




References
CONFIRM https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/591807




OSVDB 67914




SECUNIA 41351




UBUNTU USN-985-1




VUPEN ADV-2010-2342




Vulnerability Type Race Conditions (CWE-362)




Copyright © 2010 JPCERT/CC All Rights Reserved.