fusermount in FUSE before 2.4.1, if installed setuid root, allows local users to corrupt /etc/mtab and possibly modify mount options by performing a mount over a directory whose name contains certain special characters.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Fuse | Miklos_szeredi | 2.2 (including) | 2.2 (including) |
| Fuse | Miklos_szeredi | 2.2.1 (including) | 2.2.1 (including) |
| Fuse | Miklos_szeredi | 2.3.0 (including) | 2.3.0 (including) |
| Fuse | Miklos_szeredi | 2.3_rc1 (including) | 2.3_rc1 (including) |
| Fuse | Miklos_szeredi | 2.4.0 (including) | 2.4.0 (including) |
| Fuse | Ubuntu | dapper | * |
| Fuse | Ubuntu | devel | * |
| Fuse | Ubuntu | edgy | * |
| Fuse | Ubuntu | feisty | * |
References
- http://secunia.com/advisories/17691
- http://secunia.com/advisories/17695
- http://www.gentoo.org/security/en/glsa/glsa-200511-17.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:216
- http://www.securityfocus.com/bid/15529
- http://www.vupen.com/english/advisories/2005/2529
- http://secunia.com/advisories/17691
- http://secunia.com/advisories/17695
- http://www.gentoo.org/security/en/glsa/glsa-200511-17.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:216
- http://www.securityfocus.com/bid/15529
- http://www.vupen.com/english/advisories/2005/2529