Vulnerability Details : CVE-2007-5191
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.
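The two defects the description names (wrong order of the id-dropping calls, and unchecked return values) are shown in a hardened form below. This is an added example, not code from the page or from util-linux; `drop_privileges` is a hypothetical helper, and for portability it omits the `setgroups()` call a full drop would also make.

```c
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>

/* Hypothetical hardened helper (not util-linux code). Order matters:
 * setgid() must run while the process is still privileged, so it goes
 * first; setuid() goes last because it is the call that gives up root.
 * A real drop would also call setgroups() before setgid(); it is left
 * out here so the example builds and runs under any libc feature set.
 * Every return value is checked: setuid() can fail (for example with
 * EAGAIN when the target user's process limit is exhausted), and an
 * unchecked failure would let a helper such as mount.nfs be executed
 * with the privileges that were supposed to have been dropped.
 * Returns 0 on success, -1 on any failure. */
int drop_privileges(uid_t target_uid, gid_t target_gid)
{
    if (setgid(target_gid) != 0)
        return -1;
    if (setuid(target_uid) != 0)
        return -1;
    /* Do not trust the calls blindly: confirm the ids really changed. */
    if (getuid() != target_uid || geteuid() != target_uid ||
        getgid() != target_gid || getegid() != target_gid)
        return -1;
    return 0;
}

int main(void)
{
    /* Dropping to our own real ids succeeds whether or not we are root;
     * a caller that ends up with a non-zero return must not exec a helper. */
    if (drop_privileges(getuid(), getgid()) != 0) {
        perror("drop_privileges");
        return 1;
    }
    printf("running as uid %u gid %u\n",
           (unsigned)getuid(), (unsigned)getgid());
    return 0;
}
```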
Products affected by CVE-2007-5191
- cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
- cpe:2.3:a:kernel:util-linux:*:*:*:*:*:*:*:*
- cpe:2.3:a:loop-aes-utils_project:loop-aes-utils:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-5191
EPSS score: 0.24% (probability of exploitation activity in the next 30 days)
Percentile: ~61% (the proportion of vulnerabilities scored at or below this one)
CVSS scores for CVE-2007-5191
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C | 3.9 | 10.0 | NIST | |
CWE ids for CVE-2007-5191
- The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions. Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2007-5191
- Red Hat (2009-06-01): Updates are available to address this issue: https://rhn.redhat.com/errata/RHSA-2007-0969.html
References for CVE-2007-5191
- http://www.debian.org/security/2008/dsa-1450 (Third Party Advisory): [SECURITY] [DSA 1450-1] New util-linux packages fix programming error
- http://support.avaya.com/elmodocs2/security/ASA-2008-023.htm (Third Party Advisory): ASA-2008-023 (RHSA-2007-0969)
- http://bugs.gentoo.org/show_bug.cgi?id=195390 (Issue Tracking; Third Party Advisory): 195390 – sys-apps/util-linux < 2.12r-r8 Privilege Escalation Vulnerability (CVE-2007-5191)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10101 (Third Party Advisory)
- http://www.ubuntu.com/usn/usn-533-1 (Third Party Advisory): USN-533-1: util-linux vulnerability | Ubuntu security notices
- http://www.securityfocus.com/archive/1/486859/100/0/threaded (Third Party Advisory; VDB Entry)
- http://www.securityfocus.com/bid/25973 (Third Party Advisory; VDB Entry)
- http://security.gentoo.org/glsa/glsa-200710-18.xml (Third Party Advisory): util-linux: Local privilege escalation (GLSA 200710-18), Gentoo security
- http://www.securityfocus.com/archive/1/485936/100/0/threaded (Third Party Advisory; VDB Entry)
- http://www.securitytracker.com/id?1018782 (Third Party Advisory; VDB Entry)
- http://www.vupen.com/english/advisories/2008/0064 (Third Party Advisory)
- https://issues.rpath.com/browse/RPL-1757 (Broken Link)
- http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198 (Third Party Advisory)
- http://www.redhat.com/support/errata/RHSA-2007-0969.html (Third Party Advisory)
- http://lists.vmware.com/pipermail/security-announce/2008/000002.html (Third Party Advisory)
- http://www.debian.org/security/2008/dsa-1449 (Third Party Advisory): [SECURITY] [DSA 1449-1] New loop-aes-utils packages fix programming error
- https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.html (Third Party Advisory): [SECURITY] Fedora 7 Update: util-linux-2.13-0.54.1.fc7
- http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html (Mailing List; Third Party Advisory)
- http://www.vupen.com/english/advisories/2007/3417 (Third Party Advisory)
- http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e (Broken Link)
- http://www.vmware.com/security/advisories/VMSA-2008-0001.html (Third Party Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=320041 (Issue Tracking; Third Party Advisory): 320041 – (CVE-2007-5191) CVE-2007-5191 util-linux (u)mount doesn't drop privileges properly when calling helpers