Executive Summary
Summary | |
---|---|
Title | autofs security update |
Informations | |||
---|---|---|---|
Name | RHSA-2007:1176 | First vendor Publication | 2007-12-20 |
Vendor | RedHat | Last vendor Modification | 2007-12-20 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 6.9 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 3.4 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated autofs packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: The autofs utility controls the operation of the automount daemon, which automatically mounts file systems when you use them, and unmounts them when you are not using them. This can include network file systems and CD-ROMs. There was a security issue with the default configuration of autofs version 5, whereby the entry for the "-hosts" map did not specify the "nodev" mount option. A local user with control of a remote NFS server could create special device files on the remote file system, that if mounted using the default "-hosts" map, could allow the user to access important system devices. (CVE-2007-6285) This issue is similar to CVE-2007-5964, which fixed a missing "nosuid" mount option in autofs. Both the "nodev" and "nosuid" options should be enabled to prevent a possible compromise of machine integrity. Due to the fact that autofs always mounted "-hosts" map entries "dev" by default, autofs has now been altered to always use the "nodev" option when mounting from the default "-hosts" map. The "dev" option must be explicitly given in the master map entry to revert to the old behavior. This change affects only the "-hosts" map which corresponds to the "/net" entry in the default configuration. All autofs users are advised to upgrade to these updated packages, which resolve this issue. Red Hat would like to thank Tim Baum for reporting this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 426218 - CVE-2007-6285 autofs default doesn't set nodev in /net |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2007-1176.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-16 | Configuration |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10158 | |||
Oval ID: | oval:org.mitre.oval:def:10158 | ||
Title: | The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 5, omits the nosuid option for the hosts (/net filesystem) map, which allows local users to gain privileges via a setuid program on a remote NFS server. | ||
Description: | The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 5, omits the nosuid option for the hosts (/net filesystem) map, which allows local users to gain privileges via a setuid program on a remote NFS server. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-5964 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11457 | |||
Oval ID: | oval:org.mitre.oval:def:11457 | ||
Title: | The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special device files on that server, as demonstrated by the /dev/mem device. | ||
Description: | The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special device files on that server, as demonstrated by the /dev/mem device. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6285 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21775 | |||
Oval ID: | oval:org.mitre.oval:def:21775 | ||
Title: | ELSA-2007:1176: autofs security update (Important) | ||
Description: | The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special device files on that server, as demonstrated by the /dev/mem device. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:1176-01 CVE-2007-6285 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | autofs |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22376 | |||
Oval ID: | oval:org.mitre.oval:def:22376 | ||
Title: | ELSA-2007:1128: autofs security update (Important) | ||
Description: | The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 5, omits the nosuid option for the hosts (/net filesystem) map, which allows local users to gain privileges via a setuid program on a remote NFS server. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:1128-02 CVE-2007-5964 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | autofs |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 2 |
OpenVAS Exploits
Date | Description |
---|---|
2009-04-09 | Name : Mandriva Update for autofs MDVSA-2008:009 (autofs) File : nvt/gb_mandriva_MDVSA_2008_009.nasl |
2009-04-09 | Name : Mandriva Update for autofs MDVSA-2008:009-1 (autofs) File : nvt/gb_mandriva_MDVSA_2008_009_1.nasl |
2009-03-06 | Name : RedHat Update for autofs RHSA-2007:1128-01 File : nvt/gb_RHSA-2007_1128-01_autofs.nasl |
2009-03-06 | Name : RedHat Update for autofs5 RHSA-2007:1129-01 File : nvt/gb_RHSA-2007_1129-01_autofs5.nasl |
2009-03-06 | Name : RedHat Update for autofs RHSA-2007:1176-01 File : nvt/gb_RHSA-2007_1176-01_autofs.nasl |
2009-03-06 | Name : RedHat Update for autofs5 RHSA-2007:1177-01 File : nvt/gb_RHSA-2007_1177-01_autofs5.nasl |
2009-02-27 | Name : CentOS Update for autofs5 CESA-2007:1177 centos4 i386 File : nvt/gb_CESA-2007_1177_autofs5_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for autofs5 CESA-2007:1177 centos4 x86_64 File : nvt/gb_CESA-2007_1177_autofs5_centos4_x86_64.nasl |
2009-02-27 | Name : Fedora Update for autofs FEDORA-2007-4469 File : nvt/gb_fedora_2007_4469_autofs_fc7.nasl |
2009-02-27 | Name : Fedora Update for autofs FEDORA-2007-4532 File : nvt/gb_fedora_2007_4532_autofs_fc8.nasl |
2009-02-27 | Name : Fedora Update for autofs FEDORA-2007-4707 File : nvt/gb_fedora_2007_4707_autofs_fc8.nasl |
2009-02-27 | Name : Fedora Update for autofs FEDORA-2007-4709 File : nvt/gb_fedora_2007_4709_autofs_fc7.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
40442 | Red Hat Enterprise Linux autofs5 nodev Local Restriction Bypass |
40441 | Red Hat Enterprise Linux autofs /net Local Privilege Escalation |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2007-1177.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2007-1176.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2007-1129.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2007-1128.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-1129.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20071212_autofs_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-1176.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-1128.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2008-009.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4707.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4709.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-1177.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-1176.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-1177.nasl - Type : ACT_GATHER_INFO |
2007-12-17 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4532.nasl - Type : ACT_GATHER_INFO |
2007-12-17 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4469.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-1128.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-1129.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:51:19 |
|
2013-05-11 12:24:20 |
|