pam_mount 'luserconf' Local Privilege Escalation Vulnerability
BID:31041
Info
| Bugtraq ID: | 31041 |
| Class: | Access Validation Error |
| CVE: | CVE-2008-3970 |
| Remote: | No |
| Local: | Yes |
| Published: | Sep 06 2008 12:00AM |
| Updated: | Oct 20 2008 03:16PM |
| Credit: | Jan Engelhardt |
| Vulnerable: | S.u.S.E. openSUSE 11.0; S.u.S.E. openSUSE 10.3; S.u.S.E. openSUSE 10.2; pam_mount pam_mount 0.45; pam_mount pam_mount 0.10; Mandriva Linux Mandrake 2008.1 x86_64; Mandriva Linux Mandrake 2008.1; Mandriva Linux Mandrake 2008.0 x86_64; Mandriva Linux Mandrake 2008.0; Mandriva Linux Mandrake 2007.1 x86_64; Mandriva Linux Mandrake 2007.1; MandrakeSoft Corporate Server 4.0 x86_64; MandrakeSoft Corporate Server 4.0 |
| Not Vulnerable: | pam_mount pam_mount 0.47 |
Discussion
The 'pam_mount' PAM (Pluggable Authentication Module) module is prone to a local privilege-escalation vulnerability that stems from a regression error.
Exploiting this issue could allow attackers to execute arbitrary code with elevated privileges. Successful exploits can completely compromise affected computers.
This issue affects 'pam_mount' 0.10 through 0.45.
Exploit / POC
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
The vendor has released fixes. Please see the references for more information.
pam_mount pam_mount 0.10
- pam_mount pam_mount-0.47.tar.gz
  http://downloads.sourceforge.net/pam-mount/pam_mount-0.47.tar.lzma?modtime=1220593408&big_mirror=0
Mandriva Linux Mandrake 2008.1 x86_64
- Mandriva pam_mount-0.33-2.1mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/
Mandriva Linux Mandrake 2008.0 x86_64
- Mandriva pam_mount-0.17-1.1mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/
- Mandriva pam_mount-devel-0.17-1.1mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/
Mandriva Linux Mandrake 2008.1
- Mandriva pam_mount-0.33-2.1mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/
Mandriva Linux Mandrake 2008.0
- Mandriva pam_mount-0.17-1.1mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/
- Mandriva pam_mount-devel-0.17-1.1mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/
Mandriva Linux Mandrake 2007.1
- Mandriva pam_mount-0.17-1.1mdv2007.1.i586.rpm
  http://www.mandriva.com/en/download/
- Mandriva pam_mount-devel-0.17-1.1mdv2007.1.i586.rpm
  http://www.mandriva.com/en/download/
Mandriva Linux Mandrake 2007.1 x86_64
- Mandriva pam_mount-0.17-1.1mdv2007.1.x86_64.rpm
  http://www.mandriva.com/en/download/
- Mandriva pam_mount-devel-0.17-1.1mdv2007.1.x86_64.rpm
  http://www.mandriva.com/en/download/
pam_mount pam_mount 0.45
- pam_mount pam_mount-0.47.tar.gz
  http://downloads.sourceforge.net/pam-mount/pam_mount-0.47.tar.lzma?modtime=1220593408&big_mirror=0
MandrakeSoft Corporate Server 4.0
- Mandriva pam_mount-0.10.0-5.1.20060mlcs4.i586.rpm
  http://www.mandriva.com/en/download/
- Mandriva pam_mount-devel-0.10.0-5.1.20060mlcs4.i586.rpm
  http://www.mandriva.com/en/download/
MandrakeSoft Corporate Server 4.0 x86_64
- Mandriva pam_mount-0.10.0-5.1.20060mlcs4.x86_64.rpm
  http://www.mandriva.com/en/download/
- Mandriva pam_mount-devel-0.10.0-5.1.20060mlcs4.x86_64.rpm
  http://www.mandriva.com/en/download/
References
References:
- pam_mount 0.47 Changelog (pam_mount)
- pam_mount Homepage (pam_mount)
- Re-add luserconf security checks (Jan Engelhardt)