CVE-2007-5191

Description

mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.

References

Link	Tags
http://www.ubuntu.com/usn/usn-533-1	third party advisory vendor advisory
https://issues.rpath.com/browse/RPL-1757	broken link
http://secunia.com/advisories/27145	third party advisory
http://bugs.gentoo.org/show_bug.cgi?id=195390	issue tracking third party advisory
http://secunia.com/advisories/27122	third party advisory
http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198	third party advisory vendor advisory
http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=ebbeb2c7ac1b00b6083905957837a271e80b187e
http://secunia.com/advisories/28349	third party advisory
http://www.debian.org/security/2008/dsa-1449	third party advisory vendor advisory
http://www.debian.org/security/2008/dsa-1450	third party advisory vendor advisory
http://secunia.com/advisories/27104	third party advisory
http://secunia.com/advisories/27283	third party advisory
http://www.securityfocus.com/archive/1/485936/100/0/threaded	mailing list vdb entry third party advisory
http://secunia.com/advisories/27354	third party advisory
http://lists.vmware.com/pipermail/security-announce/2008/000002.html	third party advisory mailing list
http://secunia.com/advisories/28469	third party advisory
http://security.gentoo.org/glsa/glsa-200710-18.xml	third party advisory vendor advisory
http://secunia.com/advisories/28348	third party advisory
http://www.securitytracker.com/id?1018782	vdb entry third party advisory
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.html	third party advisory vendor advisory
http://secunia.com/advisories/27687	third party advisory
https://bugzilla.redhat.com/show_bug.cgi?id=320041	issue tracking third party advisory
http://secunia.com/advisories/28368	third party advisory
http://secunia.com/advisories/27399	third party advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10101	vdb entry third party advisory signature
http://www.securityfocus.com/bid/25973	vdb entry third party advisory
http://secunia.com/advisories/27188	third party advisory
http://support.avaya.com/elmodocs2/security/ASA-2008-023.htm	third party advisory
http://www.vupen.com/english/advisories/2007/3417	vdb entry third party advisory
http://www.redhat.com/support/errata/RHSA-2007-0969.html	third party advisory vendor advisory
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html	mailing list third party advisory vendor advisory
http://www.vmware.com/security/advisories/VMSA-2008-0001.html	third party advisory
http://www.vupen.com/english/advisories/2008/0064	vdb entry third party advisory
http://www.securityfocus.com/archive/1/486859/100/0/threaded	mailing list vdb entry third party advisory

Frequently Asked Questions

What is the severity of CVE-2007-5191?: CVE-2007-5191 has been scored as a high severity vulnerability.
How to fix CVE-2007-5191?: To fix CVE-2007-5191, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2007-5191 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2007-5191 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-252 – Unchecked Return Value

References

Frequently Asked Questions