Vulnerability Details : CVE-2011-1837
The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors.
Products affected by CVE-2011-1837
- cpe:2.3:a:ecryptfs:ecryptfs_utils:59:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs_utils:60:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs_utils:61:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs_utils:58:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:*:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:66:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:67:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:74:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:75:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:76:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:83:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:84:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:62:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:63:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:70:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:71:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:79:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:80:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:87:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:68:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:69:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:77:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:78:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:85:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:86:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:64:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:65:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:72:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:73:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:81:*:*:*:*:*:*:*
- cpe:2.3:a:ecryptfs:ecryptfs-utils:82:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1837
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1837
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.6
|
LOW | AV:L/AC:L/Au:N/C:N/I:P/A:P |
3.9
|
4.9
|
NIST |
CWE ids for CVE-2011-1837
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1837
-
https://bugzilla.redhat.com/show_bug.cgi?id=729465
729465 – (CVE-2011-1831, CVE-2011-1832, CVE-2011-1834, CVE-2011-1835, CVE-2011-1837) CVE-2011-1831 CVE-2011-1832 CVE-2011-1834 CVE-2011-1835 CVE-2011-1837 ecryptfs: multiple flaws to mount/umount arbiVendor Advisory
-
http://www.ubuntu.com/usn/USN-1188-1
USN-1188-1: eCryptfs vulnerabilities | Ubuntu security notices
-
https://launchpad.net/ecryptfs/+download
eCryptfs project files : eCryptfs
-
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html
[security-announce] SUSE-SU-2011:0898-1: important: Security update for
Jump to