9.8 - CVE-2011-3145

Executive Summary

Informations
Name	CVE-2011-3145	First vendor Publication	2019-04-22
Vendor	Cve	Last vendor Modification	2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score	9.8
Base Score	9.8	Environmental Score	9.8
impact SubScore	5.9	Temporal Score	9.8
Exploitabality Sub Score	3.9

Attack Vector	Network	Attack Complexity	Low
Privileges Required	None	User Interaction	None
Scope	Unchanged	Confidentiality Impact	High
Integrity Impact	High	Availability Impact	High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3145

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-254	Security Features

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:14168

Oval ID:	oval:org.mitre.oval:def:14168
Title:	USN-1196-1 -- ecryptfs-utils vulnerability
Description:	ecryptfs-utils: ecryptfs cryptographic filesystem An attacker could use eCryptfs to unmount arbitrary locations and cause a denial of service.
Family:	unix	Class:	patch
Reference(s):	USN-1196-1 CVE-2011-3145	Version:	5
Platform(s):	Ubuntu 11.04 Ubuntu 10.04 Ubuntu 10.10	Product(s):	ecryptfs-utils
Definition Synopsis:
Release section Ubuntu 11.04 is installed AND Installed architecture is all AND ecryptfs-utils DPKG is earlier than 87-0ubuntu1.2 OR Release section Ubuntu 10.04 is installed AND Installed architecture is all AND ecryptfs-utils DPKG is earlier than 83-0ubuntu3.2.10.04.2 OR Release section Ubuntu 10.10 is installed AND Installed architecture is all AND ecryptfs-utils DPKG is earlier than 83-0ubuntu3.2.10.10.2

Definition Id: oval:org.mitre.oval:def:15419

Oval ID:	oval:org.mitre.oval:def:15419
Title:	DSA-2382-1 ecryptfs-utils -- multiple
Description:	Several problems have been discovered in ecryptfs-utils, a cryptographic filesystem for Linux. CVE-2011-1831 Vasiliy Kulikov of Openwall and Dan Rosenberg discovered that eCryptfs incorrectly validated permissions on the requested mountpoint. A local attacker could use this flaw to mount to arbitrary locations, leading to privilege escalation. CVE-2011-1832 Vasiliy Kulikov of Openwall and Dan Rosenberg discovered that eCryptfs incorrectly validated permissions on the requested mountpoint. A local attacker could use this flaw to unmount to arbitrary locations, leading to a denial of service. CVE-2011-1834 Dan Rosenberg and Marc Deslauriers discovered that eCryptfs incorrectly handled modifications to the mtab file when an error occurs. A local attacker could use this flaw to corrupt the mtab file, and possibly unmount arbitrary locations, leading to a denial of service. CVE-2011-1835 Marc Deslauriers discovered that eCryptfs incorrectly handled keys when setting up an encrypted private directory. A local attacker could use this flaw to manipulate keys during creation of a new user. CVE-2011-1837 Vasiliy Kulikov of Openwall discovered that eCryptfs incorrectly handled lock counters. A local attacker could use this flaw to possibly overwrite arbitrary files. We acknowledge the work of the Ubuntu distribution in preparing patches suitable for near-direct inclusion in the Debian package.
Family:	unix	Class:	patch
Reference(s):	DSA-2382-1 CVE-2011-1831 CVE-2011-1832 CVE-2011-1834 CVE-2011-1835 CVE-2011-1837 CVE-2011-3145	Version:	5
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	ecryptfs-utils
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND ecryptfs-utils DPKG is earlier than 68-1+lenny1 OR Release section Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND Installed architecture is all AND ecryptfs-utils DPKG is earlier than 83-4+squeeze1

Definition Id: oval:org.mitre.oval:def:21842

Oval ID:	oval:org.mitre.oval:def:21842
Title:	RHSA-2011:1241: ecryptfs-utils security update (Moderate)
Description:	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Family:	unix	Class:	patch
Reference(s):	RHSA-2011:1241-01 CESA-2011:1241 CVE-2011-1831 CVE-2011-1832 CVE-2011-1834 CVE-2011-1835 CVE-2011-1837 CVE-2011-3145	Version:	52
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	ecryptfs-utils
Definition Synopsis:
Operation system section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages section ecryptfs-utils-gui is earlier than 0:75-5.el5_7.2 AND ecryptfs-utils is earlier than 0:75-5.el5_7.2 AND ecryptfs-utils-devel is earlier than 0:75-5.el5_7.2 AND Operation system section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section ecryptfs-utils-python is earlier than 0:82-6.el6_1.3 AND ecryptfs-utils is earlier than 0:82-6.el6_1.3 AND ecryptfs-utils-devel is earlier than 0:82-6.el6_1.3

Definition Id: oval:org.mitre.oval:def:23378

Oval ID:	oval:org.mitre.oval:def:23378
Title:	DEPRECATED: ELSA-2011:1241: ecryptfs-utils security update (Moderate)
Description:	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Family:	unix	Class:	patch
Reference(s):	ELSA-2011:1241-01 CVE-2011-1831 CVE-2011-1832 CVE-2011-1834 CVE-2011-1835 CVE-2011-1837 CVE-2011-3145	Version:	30
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	ecryptfs-utils
Definition Synopsis:
rpm test Oracle Linux 5.x AND rpm test ecryptfs-utils-gui is earlier than 0:75-5.el5_7.2 AND ecryptfs-utils is earlier than 0:75-5.el5_7.2 AND ecryptfs-utils-devel is earlier than 0:75-5.el5_7.2 OR rpm test Oracle Linux 6.x AND rpm test ecryptfs-utils-python is earlier than 0:82-6.el6_1.3 AND ecryptfs-utils is earlier than 0:82-6.el6_1.3 AND ecryptfs-utils-devel is earlier than 0:82-6.el6_1.3

Definition Id: oval:org.mitre.oval:def:23427

Oval ID:	oval:org.mitre.oval:def:23427
Title:	ELSA-2011:1241: ecryptfs-utils security update (Moderate)
Description:	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Family:	unix	Class:	patch
Reference(s):	ELSA-2011:1241-01 CVE-2011-1831 CVE-2011-1832 CVE-2011-1834 CVE-2011-1835 CVE-2011-1837 CVE-2011-3145	Version:	29
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	ecryptfs-utils
Definition Synopsis:
rpm test Oracle Linux 5.x AND rpm test ecryptfs-utils-gui is earlier than 0:75-5.el5_7.2 AND ecryptfs-utils is earlier than 0:75-5.el5_7.2 AND ecryptfs-utils-devel is earlier than 0:75-5.el5_7.2 OR rpm test Oracle Linux 6.x AND rpm test ecryptfs-utils-python is earlier than 0:82-6.el6_1.3 AND ecryptfs-utils is earlier than 0:82-6.el6_1.3 AND ecryptfs-utils-devel is earlier than 0:82-6.el6_1.3

Definition Id: oval:org.mitre.oval:def:27939

Oval ID:	oval:org.mitre.oval:def:27939
Title:	DEPRECATED: ELSA-2011-1241 -- ecryptfs-utils security update (moderate)
Description:	[82-6.3] - do not forget to set the group id in mount.ecryptfs_private [82-6.2] - fix regression in ecryptfs-setup-private [82-6.1] - security fixes: - privilege escalation via mountpoint race conditions (CVE-2011-1831, CVE-2011-1832) - race condition when checking source during mount (CVE-2011-1833) - mtab corruption via improper handling (CVE-2011-1834) - key poisoning via insecure temp directory handling (CVE-2011-1835) - arbitrary file overwrite via lock counter race (CVE-2011-1837)
Family:	unix	Class:	patch
Reference(s):	ELSA-2011-1241 CVE-2011-1831 CVE-2011-1832 CVE-2011-1834 CVE-2011-1835 CVE-2011-1837 CVE-2011-3145	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	ecryptfs-utils
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section ecryptfs-utils is earlier than 0:75-5.el5_7.2 AND ecryptfs-utils-devel is earlier than 0:75-5.el5_7.2 AND ecryptfs-utils-gui is earlier than 0:75-5.el5_7.2 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section ecryptfs-utils is earlier than 0:82-6.el6_1.3 AND ecryptfs-utils-devel is earlier than 0:82-6.el6_1.3 AND ecryptfs-utils-python is earlier than 0:82-6.el6_1.3

CPE : Common Platform Enumeration

Type	Description	Count
Application	Mount.Ecrpytfs Private Project Mount.Ecrpytfs Private cpe:2.3:a:mount.ecrpytfs_private_project:mount.ecrpytfs_private:-:::::::*	1

OpenVAS Exploits

Date	Description
2012-07-30	Name : CentOS Update for ecryptfs-utils-75-5.el5_ CESA-2011:1241 centos5 x86_64 File : nvt/gb_CESA-2011_1241_ecryptfs-utils-75-5.el5__centos5_x86_64.nasl
2012-07-30	Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64 File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl
2012-07-09	Name : RedHat Update for kernel RHSA-2011:1350-01 File : nvt/gb_RHSA-2011_1350-01_kernel.nasl
2012-03-19	Name : Fedora Update for ecryptfs-utils FEDORA-2011-11871 File : nvt/gb_fedora_2011_11871_ecryptfs-utils_fc16.nasl
2012-02-11	Name : Debian Security Advisory DSA 2382-1 (ecryptfs-utils) File : nvt/deb_2382_1.nasl
2011-10-21	Name : CentOS Update for kernel CESA-2011:1386 centos5 i386 File : nvt/gb_CESA-2011_1386_kernel_centos5_i386.nasl
2011-10-21	Name : RedHat Update for kernel RHSA-2011:1386-01 File : nvt/gb_RHSA-2011_1386-01_kernel.nasl
2011-09-23	Name : CentOS Update for ecryptfs-utils-75-5.el5_ CESA-2011:1241 centos5 i386 File : nvt/gb_CESA-2011_1241_ecryptfs-utils-75-5.el5__centos5_i386.nasl
2011-09-16	Name : Fedora Update for ecryptfs-utils FEDORA-2011-11936 File : nvt/gb_fedora_2011_11936_ecryptfs-utils_fc15.nasl
2011-09-16	Name : Fedora Update for ecryptfs-utils FEDORA-2011-11979 File : nvt/gb_fedora_2011_11979_ecryptfs-utils_fc14.nasl
2011-09-07	Name : RedHat Update for ecryptfs-utils RHSA-2011:1241-01 File : nvt/gb_RHSA-2011_1241-01_ecryptfs-utils.nasl
2011-08-27	Name : Ubuntu Update for ecryptfs-utils USN-1196-1 File : nvt/gb_ubuntu_USN_1196_1.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
74869	ecryptfs-utils mtab Permission Manipulation Arbitrary Location Unmount DoS

Nessus® Vulnerability Scanner

Date	Description
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_4_ecryptfs-utils-111214.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_3_ecryptfs-utils-111214.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1350.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1241.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_ecryptfs-utils-120420.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110831_ecryptfs_utils_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-01-12	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2382.nasl - Type : ACT_GATHER_INFO
2011-10-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2011-10-21	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2011-10-06	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1350.nasl - Type : ACT_GATHER_INFO
2011-10-03	Name : The remote Fedora host is missing a security update. File : fedora_2011-11871.nasl - Type : ACT_GATHER_INFO
2011-09-23	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1241.nasl - Type : ACT_GATHER_INFO
2011-09-15	Name : The remote Fedora host is missing a security update. File : fedora_2011-11979.nasl - Type : ACT_GATHER_INFO
2011-09-15	Name : The remote Fedora host is missing a security update. File : fedora_2011-11936.nasl - Type : ACT_GATHER_INFO
2011-09-01	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1241.nasl - Type : ACT_GATHER_INFO
2011-08-24	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1196-1.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/558

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-11-28 22:18:29	Multiple Updates
2024-11-28 12:26:52	Multiple Updates
2021-05-04 12:15:19	Multiple Updates
2021-04-22 01:16:53	Multiple Updates
2020-05-23 00:30:56	Multiple Updates
2019-10-10 05:19:27	Multiple Updates
2019-04-29 21:19:19	Multiple Updates
2019-04-22 21:19:05	First insertion

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	6
CPE ID(s)	1
Sources(s)	1
osvdb(s)	1
Openvas Exploit(s)	12
Nessus® Exploit(s)	17

	Related
7.5	RHSA-2011:1241
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

9.8 - CVE-2011-3145

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU