Date: Sat, 6 Sep 2008 13:23:20 +0200
From: Hanno Böck <>
Subject: CVE request: pam_mount < 0.47 missing security checks

Citing release notes mail:

About the security issue

During code refactoring approximately 3 years ago (versions 0.10 
through 0.45 are affected), some sanity/security checks for 
user-defined volumes were, probably accidentally, removed. This 
allowed users to mount arbitrary sources onto arbitrary directories; 
normally, they can only do so when they own the mountpoint, and own 
the source, or the source is a non-local mount.

Versions 0.10 through 0.45 are affected. The correct behavior enforcing 
these restrictions has been restored in 0.47. By default, user-defined 
configuration files are disabled in pam_mount.conf.xml anyway, and it is 
believed that luserconf-enabled systems are not numerous, so this is 
only a minor issue. It is advised to upgrade the affected systems, or as 
a workaround, disable user-defined volumes by commenting out the 
<luserconf ...> configuration item.

Hanno Böck		Blog:
GPG: 3DBD3B20		Jabber/Mail:
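The ownership rule the quoted release note describes, as an added illustration in C; this is not pam_mount's own code, and the function names and the "non-local source" heuristic (NFS `host:/path` or CIFS `//server/share`) are assumptions made for the example.

```c
/* Added illustration (not pam_mount's own code): a user-defined (luserconf)
 * volume may be mounted only if the user owns the mountpoint AND either owns
 * the source or the source is a non-local (network) mount. */
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Assumed heuristic for "non-local": NFS "host:/path" or CIFS "//server/share".
 * Any plain absolute path is treated as a local source. */
int luser_source_is_remote(const char *source)
{
    if (strncmp(source, "//", 2) == 0)
        return 1;
    if (source[0] != '/' && strchr(source, ':') != NULL)
        return 1;
    return 0;
}

/* Pure policy decision, kept separate from filesystem access so it is testable. */
int luser_policy_allows(uid_t uid, uid_t mountpoint_owner,
                        int source_is_remote, uid_t source_owner)
{
    if (mountpoint_owner != uid)
        return 0;             /* user must own the mountpoint */
    if (source_is_remote)
        return 1;             /* network source: no local owner to check */
    return source_owner == uid; /* local source must be owned by the user too */
}

/* Apply the policy to real paths. Any stat() failure denies the mount: a
 * source or mountpoint that cannot be verified is never mounted for a user. */
int luser_volume_allowed(uid_t uid, const char *source, const char *mountpoint)
{
    struct stat mp, src;
    if (stat(mountpoint, &mp) != 0 || !S_ISDIR(mp.st_mode))
        return 0;
    if (luser_source_is_remote(source))
        return luser_policy_allows(uid, mp.st_uid, 1, 0);
    if (stat(source, &src) != 0)
        return 0;
    return luser_policy_allows(uid, mp.st_uid, 0, src.st_uid);
}
```

With the checks absent (the 0.10 to 0.45 behaviour), both ownership tests are skipped and any source may be placed on any directory, which is exactly what 0.47 restores.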

