mountall: arbitrary code execution
| Package(s): | mountall | CVE #(s): | CVE-2010-2961 | ||||
| Created: | September 9, 2010 | Updated: | September 15, 2010 | ||||
| Description: | From the Ubuntu advisory: Alasdair MacGregor discovered that mountall created a udev rule file with world-writable permissions. A local attacker could exploit this under certain conditions to cause udev to execute arbitrary commands as the root user. | ||||||
| Alerts: |
| ||||||