CVE-2007-5191

CVSS V2 High 7.2 CVSS V3 None

Description

mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.

Overview

CVE ID
CVE-2007-5191

Assigner
secalert@redhat.com

Vulnerability Status
Analyzed

Published Version
2007-10-04T16:17:00

Last Modified Date
2020-11-04T14:59:05

Weakness Enumerations

CWE	URL
CWE-252	http://cwe.mitre.org/data/definitions/252.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version End
cpe:2.3:a:kernel:util-linux::::::::	1	OR	2.13.1.1
cpe:2.3:a:loop-aes-utils_project:loop-aes-utils:-:::::::*	1	OR
cpe:2.3:o:fedoraproject:fedora:7:::::::*	1	OR
cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*	1	OR
cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::*	1	OR
cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*	1	OR
cpe:2.3:o:debian:debian_linux:3.1:::::::*	1	OR

CVSS Version 2

Version
2.0

Vector String
AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector
LOCAL

Access Compatibility
LOW

Authentication
NONE

Confidentiality Impact
COMPLETE

Integrity Impact
COMPLETE

Availability Impact
COMPLETE

Base Score
7.2

Severity
HIGH

Exploitability Score
3.9

Impact Score
10

References

Reference URL	Reference Tags
http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e	Broken Link
https://issues.rpath.com/browse/RPL-1757	Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=320041	Issue Tracking Third Party Advisory
http://bugs.gentoo.org/show_bug.cgi?id=195390	Issue Tracking Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.html	Third Party Advisory
http://security.gentoo.org/glsa/glsa-200710-18.xml	Third Party Advisory
http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198	Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0969.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html	Mailing List Third Party Advisory
http://www.ubuntu.com/usn/usn-533-1	Third Party Advisory
http://www.securityfocus.com/bid/25973	Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1018782	Third Party Advisory VDB Entry
http://secunia.com/advisories/27104	Third Party Advisory
http://secunia.com/advisories/27145	Third Party Advisory
http://secunia.com/advisories/27188	Third Party Advisory
http://secunia.com/advisories/27122	Third Party Advisory
http://secunia.com/advisories/27283	Third Party Advisory
http://secunia.com/advisories/27354	Third Party Advisory
http://secunia.com/advisories/27687	Third Party Advisory
http://secunia.com/advisories/27399	Third Party Advisory
http://www.debian.org/security/2008/dsa-1449	Third Party Advisory
http://www.debian.org/security/2008/dsa-1450	Third Party Advisory
http://secunia.com/advisories/28348	Third Party Advisory
http://secunia.com/advisories/28349	Third Party Advisory
http://lists.vmware.com/pipermail/security-announce/2008/000002.html	Third Party Advisory
http://secunia.com/advisories/28368	Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2008-023.htm	Third Party Advisory
http://secunia.com/advisories/28469	Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2008-0001.html	Third Party Advisory
http://www.vupen.com/english/advisories/2007/3417	Third Party Advisory
http://www.vupen.com/english/advisories/2008/0064	Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10101	Third Party Advisory
http://www.securityfocus.com/archive/1/486859/100/0/threaded	Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/485936/100/0/threaded	Third Party Advisory VDB Entry

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2007-5191
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5191

History

Created	Old Value	New Value	Data Type	Notes
2022-05-10 16:21:02				Added to TrackCVE