This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Vincent Fourmond First view 2010-06-18
Product Pmount Last view 2010-06-18
Version 0.9.18 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:vincent_fourmond:pmount

Activity : Overall

Related : CVE

  Date Alert Description
1.9 2010-06-18 CVE-2010-2192

The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')

Open Source Vulnerability Database (OSVDB)

id Description
65630 pmount policy.c make_lockdir_name Function Temporary File Symlink Arbitrary F...

OpenVAS Exploits

id Description
2010-07-06 Name : Debian Security Advisory DSA 2063-1 (pmount)
File : nvt/deb_2063_1.nasl

Nessus® Vulnerability Scanner

id Description
2014-12-15 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201412-08.nasl - Type: ACT_GATHER_INFO
2010-06-21 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2063.nasl - Type: ACT_GATHER_INFO