Bug 8543 - FUSE "fusermount" Mountpoint Handling Vulnerability
: FUSE "fusermount" Mountpoint Handling Vulnerability
Status: CLOSED FIXED
: Sisyphus
(All bugs in Sisyphus/fuse)
: unstable
: all Linux
: P2 major
Assigned To:
:
: http://secunia.com/advisories/17691/
:
:
:
  Show dependency tree
 
Reported: 2005-11-23 16:23 by
Modified: 2006-01-24 14:22 (History)


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2005-11-23 16:24:01
Thomas Biege has reported a vulnerability in FUSE, which potentially can be  
exploited by malicious, local users to perform certain actions on a vulnerable  
system with escalated privileges.  
   
The vulnerability is caused due to "fusermount" failing to properly handle user  
supplied mountpoints that contain certain characters such as newline, tab, and  
backslash. This can be exploited to corrupt the "/etc/mtab" file and  
potentially allowing the attacker to set unauthorized mount options.  
   
Successful exploitation requires that "fusermount" is suid root.  
 
Solution: 
Update to version 2.4.2. 
 
p.s.: в gentoo уже убновились 
p.s.2: оно у нас не suid'ное :)
------- Comment #1 From 2005-11-29 22:13:10 -------
обновлена