Debian Linux Security Advisory 2382-1 - Several problems have been discovered in ecryptfs-utils, a cryptographic filesystem for Linux.
7f3fba9fb2a1cbc606e25d39de03a150254f1845a6b7f75e8a065d1aa8c34661Red Hat Security Advisory 2011-1241-01 - eCryptfs is a stacked, cryptographic file system. It is transparent to the underlying file system and provides per-file granularity. eCryptfs is released as a Technology Preview for Red Hat Enterprise Linux 5 and 6. The setuid mount.ecryptfs_private utility allows users to mount an eCryptfs file system. This utility can only be run by users in the "ecryptfs" group. A race condition flaw was found in the way mount.ecryptfs_private checked the permissions of a requested mount point when mounting an encrypted file system. A local attacker could possibly use this flaw to escalate their privileges by mounting over an arbitrary directory.
6c5fc7a1ef62462fd1abff6cb7503e6efebb23451416bf6378dfd2e8325605e1Ubuntu Security Notice 1196-1 - It was discovered that eCryptfs incorrectly handled permissions when modifying the mtab file. A local attacker could use this flaw to manipulate the mtab file, and possibly unmount arbitrary locations, leading to a denial of service.
7d893ad2ddb6646d1d9a3a724c3da2e1832ccfb7f426f7c00e84c57b0b571538
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed