cve-2005-2876
Vulnerability from cvelistv5
Published
2005-09-13 04:00
Modified
2024-08-07 22:53
Severity ?
EPSS score ?
Summary
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just the read-only flag, which effectively clears the nosuid, nodev, and other flags.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:53:28.946Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101960",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101960-1"
},
{
"name": "17133",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17133"
},
{
"name": "FLSA:168326",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419774/100/0/threaded"
},
{
"name": "utillinux-umount-gain-privileges(22241)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22241"
},
{
"name": "19369",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19369"
},
{
"name": "DSA-823",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-823"
},
{
"name": "SUSE-SR:2005:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_21_sr.html"
},
{
"name": "16785",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16785"
},
{
"name": "2005-0049",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112690609622266\u0026w=2"
},
{
"name": "16988",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16988"
},
{
"name": "DSA-825",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-825"
},
{
"name": "17154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17154"
},
{
"name": "USN-184",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-184-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm"
},
{
"name": "18502",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18502"
},
{
"name": "oval:org.mitre.oval:def:10921",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10921"
},
{
"name": "17027",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17027"
},
{
"name": "20050912 util-linux: unintentional grant of privileges by umount",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112656096125857\u0026w=2"
},
{
"name": "17004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17004"
},
{
"name": "14816",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14816"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just the read-only flag, which effectively clears the nosuid, nodev, and other flags."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "101960",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101960-1"
},
{
"name": "17133",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17133"
},
{
"name": "FLSA:168326",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/419774/100/0/threaded"
},
{
"name": "utillinux-umount-gain-privileges(22241)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22241"
},
{
"name": "19369",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19369"
},
{
"name": "DSA-823",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-823"
},
{
"name": "SUSE-SR:2005:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_21_sr.html"
},
{
"name": "16785",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16785"
},
{
"name": "2005-0049",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112690609622266\u0026w=2"
},
{
"name": "16988",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16988"
},
{
"name": "DSA-825",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-825"
},
{
"name": "17154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17154"
},
{
"name": "USN-184",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-184-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm"
},
{
"name": "18502",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18502"
},
{
"name": "oval:org.mitre.oval:def:10921",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10921"
},
{
"name": "17027",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17027"
},
{
"name": "20050912 util-linux: unintentional grant of privileges by umount",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112656096125857\u0026w=2"
},
{
"name": "17004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17004"
},
{
"name": "14816",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14816"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-2876",
"datePublished": "2005-09-13T04:00:00",
"dateReserved": "2005-09-13T00:00:00",
"dateUpdated": "2024-08-07T22:53:28.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2005-2876\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2005-09-13T23:03:00.000\",\"lastModified\":\"2024-11-21T00:00:38.403\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just the read-only flag, which effectively clears the nosuid, nodev, and other flags.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.8.1_alpha:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33EBEAFD-9506-4F5D-B145-97A998752D10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.8_12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FCE2B16-1699-4998-8AB9-CD6BD66D4EC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.9i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8473B1B6-F64B-4A94-A436-AAB7C10912A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.9w:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8996CAE7-3CFE-4481-B4F8-944A3B1B748A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.10f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95CBB57F-72BC-4899-A1F5-82A8BAF26B79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.10m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4ED60F9-A0E5-4049-8E3F-B7DC2A2F7D77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.10p:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73D64FC4-EE57-4C5A-ABC1-B8C6351585FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.11f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE56638F-4097-4754-80A8-88EC5DAB132A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.11n:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5373C2C3-A866-4DF4-96D9-D00F5BF07D34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.11q:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4DD2A16-D7AA-45DC-8B19-C51BBEEE3AE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.11r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A57348A8-EA3B-4D7A-9156-94AFC9818EF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.11w:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86899B54-F091-4D70-9297-3F3C027EDDC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.11x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"664298E8-22D1-4080-8C5C-F66D0B00B5E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.11y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3B84FF0-B48C-4373-B697-214FF6A74989\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.11z:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE4519C9-569D-4466-B010-CCE9B1744323\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.12a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5A0D9EB-8FB6-41EB-9ED2-94B5C397430B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.12b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"923880C5-C499-4F64-BA8E-F8388E03CF02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.12i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1575911-8617-400C-BDFD-1F230C366A9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.12j:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"823F2832-A2FC-4443-898E-207EB2D560E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.12k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CE5A6BC-B02A-4A9E-941A-6EDE3B96F5D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.12o:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A81ECE3B-93A6-4A8E-92F8-3AE6DA1E4EE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.12p:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FA7F4D3-1B94-46F0-B0BA-03B166823789\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.12q:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07AB6672-CA16-4ACE-8939-AE833359FA3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.13_pre1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33AB7B0C-56BE-4B72-B413-05779FF3261E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:andries_brouwer:util-linux:2.13_pre2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59EED347-3CB1-4F51-86E2-5350EDEC186E\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=112656096125857\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=112690609622266\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/16785\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/16988\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/17004\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/17027\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/17133\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/17154\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/18502\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-101960-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2005/dsa-823\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2005/dsa-825\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2005_21_sr.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.osvdb.org/19369\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/419774/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/14816\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/usn-184-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/22241\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10921\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=112656096125857\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=112690609622266\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/16785\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/16988\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/17004\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/17027\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/17133\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/17154\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/18502\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-101960-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2005/dsa-823\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2005/dsa-825\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2005_21_sr.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/19369\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/419774/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/14816\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/usn-184-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/22241\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10921\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.