Bug 8543

Summary: FUSE "fusermount" Mountpoint Handling Vulnerability
Product: Sisyphus Reporter: Igor Zubkov <icesik>
Component: fuseAssignee: Evgeny Sinelnikov <sin>
Status: CLOSED FIXED QA Contact: qa-sisyphus
Severity: major    
Priority: P2 CC: abulava, mike, rider, sin
Version: unstable   
Hardware: all   
OS: Linux   
URL: http://secunia.com/advisories/17691/

Description Igor Zubkov 2005-11-23 16:24:01 MSK
Thomas Biege has reported a vulnerability in FUSE, which potentially can be  
exploited by malicious, local users to perform certain actions on a vulnerable  
system with escalated privileges.  
   
The vulnerability is caused due to "fusermount" failing to properly handle user  
supplied mountpoints that contain certain characters such as newline, tab, and  
backslash. This can be exploited to corrupt the "/etc/mtab" file and  
potentially allowing the attacker to set unauthorized mount options.  
   
Successful exploitation requires that "fusermount" is suid root.  
 
Solution: 
Update to version 2.4.2. 
 
p.s.: в gentoo уже убновились 
p.s.2: оно у нас не suid'ное :)
Comment 1 Denis Smirnov 2005-11-29 22:13:10 MSK
обновлена