Executive Summary

Summary
Title ecryptfs-utils security update
Informations
Name DSA-2382 First vendor Publication 2012-01-07
Vendor Debian Last vendor Modification 2012-01-07
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 4.6 Attack Range Local
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Several problems have been discovered in ecryptfs-utils, a cryptographic filesystem for Linux.

CVE-2011-1831

Vasiliy Kulikov of Openwall and Dan Rosenberg discovered that eCryptfs incorrectly validated permissions on the requested mountpoint. A local attacker could use this flaw to mount to arbitrary locations, leading to privilege escalation.

CVE-2011-1832

Vasiliy Kulikov of Openwall and Dan Rosenberg discovered that eCryptfs incorrectly validated permissions on the requested mountpoint. A local attacker could use this flaw to unmount to arbitrary locations, leading to a denial of service.

CVE-2011-1834

Dan Rosenberg and Marc Deslauriers discovered that eCryptfs incorrectly handled modifications to the mtab file when an error occurs. A local attacker could use this flaw to corrupt the mtab file, and possibly unmount arbitrary locations, leading to a denial of service.

CVE-2011-1835

Marc Deslauriers discovered that eCryptfs incorrectly handled keys when setting up an encrypted private directory. A local attacker could use this flaw to manipulate keys during creation of a new user.

CVE-2011-1837

Vasiliy Kulikov of Openwall discovered that eCryptfs incorrectly handled lock counters. A local attacker could use this flaw to possibly overwrite arbitrary files.

We acknowledge the work of the Ubuntu distribution in preparing patches suitable for near-direct inclusion in the Debian package.

For the oldstable distribution (lenny), these problems have been fixed in version 68-1+lenny1.

For the stable distribution (squeeze), these problems have been fixed in version 83-4+squeeze1.

For the testing distribution (wheezy) and the unstable distribution (sid), these problems have been fixed in version 95-1.

We recommend that you upgrade your ecryptfs-utils packages.

Original Source

Url : http://www.debian.org/security/2012/dsa-2382

CWE : Common Weakness Enumeration

% Id Name
80 % CWE-264 Permissions, Privileges, and Access Controls
20 % CWE-255 Credentials Management

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15055
 
Oval ID: oval:org.mitre.oval:def:15055
Title: USN-1188-1 -- eCryptfs vulnerabilities
Description: ecryptfs-utils: ecryptfs cryptographic filesystem eCryptfs could be tricked into mounting and unmounting arbitrary locations, and possibly disclose confidential information.
Family: unix Class: patch
Reference(s): USN-1188-1
CVE-2011-1831
CVE-2011-1832
CVE-2011-1833
CVE-2011-1834
CVE-2011-1835
CVE-2011-1836
CVE-2011-1837
 Version: 5
Platform(s): Ubuntu 11.04
Ubuntu 10.04
Ubuntu 10.10
 Product(s): eCryptfs
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 4
Application 27

OpenVAS Exploits

Date Description
2012-07-30 Name : CentOS Update for ecryptfs-utils-75-5.el5_ CESA-2011:1241 centos5 x86_64
File : nvt/gb_CESA-2011_1241_ecryptfs-utils-75-5.el5__centos5_x86_64.nasl
2012-03-19 Name : Fedora Update for ecryptfs-utils FEDORA-2011-10671
File : nvt/gb_fedora_2011_10671_ecryptfs-utils_fc16.nasl
2012-02-11 Name : Debian Security Advisory DSA 2382-1 (ecryptfs-utils)
File : nvt/deb_2382_1.nasl
2011-09-23 Name : CentOS Update for ecryptfs-utils-75-5.el5_ CESA-2011:1241 centos5 i386
File : nvt/gb_CESA-2011_1241_ecryptfs-utils-75-5.el5__centos5_i386.nasl
2011-09-16 Name : Fedora Update for ecryptfs-utils FEDORA-2011-11936
File : nvt/gb_fedora_2011_11936_ecryptfs-utils_fc15.nasl
2011-09-16 Name : Fedora Update for ecryptfs-utils FEDORA-2011-11979
File : nvt/gb_fedora_2011_11979_ecryptfs-utils_fc14.nasl
2011-09-07 Name : RedHat Update for ecryptfs-utils RHSA-2011:1241-01
File : nvt/gb_RHSA-2011_1241-01_ecryptfs-utils.nasl
2011-09-07 Name : Fedora Update for ecryptfs-utils FEDORA-2011-10718
File : nvt/gb_fedora_2011_10718_ecryptfs-utils_fc14.nasl
2011-09-07 Name : Fedora Update for ecryptfs-utils FEDORA-2011-10733
File : nvt/gb_fedora_2011_10733_ecryptfs-utils_fc15.nasl
2011-08-12 Name : Ubuntu Update for ecryptfs-utils USN-1188-1
File : nvt/gb_ubuntu_USN_1188_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
74878 Red Hat ecryptfs-utils mount.ecryptfs_private Race Condition Arbitrary File O...
74877 Red Hat ecryptfs-utils ecryptfs-setup-private Temporary File Key Injection Su...
74876 Red Hat ecryptfs-utils mount.ecryptfs_private mtab Corruption Arbitrary Direc...
74875 Red Hat ecryptfs-utils umount.ecryptfs_private Race Condition Arbitrary Direc...
74874 Red Hat ecryptfs-utils mount.ecryptfs_private Arbitrary Directory Mounting Lo...

Nessus® Vulnerability Scanner

Date Description
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_ecryptfs-utils-110811.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_ecryptfs-utils-110811.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1241.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110831_ecryptfs_utils_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-01-12 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2382.nasl - Type : ACT_GATHER_INFO
2011-09-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1241.nasl - Type : ACT_GATHER_INFO
2011-09-07 Name : The remote Fedora host is missing a security update.
File : fedora_2011-10671.nasl - Type : ACT_GATHER_INFO
2011-09-06 Name : The remote Fedora host is missing a security update.
File : fedora_2011-10718.nasl - Type : ACT_GATHER_INFO
2011-09-06 Name : The remote Fedora host is missing a security update.
File : fedora_2011-10733.nasl - Type : ACT_GATHER_INFO
2011-09-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1241.nasl - Type : ACT_GATHER_INFO
2011-08-12 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_ecryptfs-utils-110804.nasl - Type : ACT_GATHER_INFO
2011-08-10 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1188-1.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2014-02-18 21:24:57
  • Multiple Updates
2014-02-17 11:30:43
  • Multiple Updates
2014-02-15 17:21:56
  • Multiple Updates