Vulnerabilities > CVE-2011-3145 - 7PK - Security Features vulnerability in Mount.Ecrpytfs Private Project Mount.Ecrpytfs Private

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

mount-ecrpytfs-private-project

CWE-254

critical

nessus

NVD

Published: 2019-04-22

Updated: 2019-10-09

Summary

When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.

Vulnerable Configurations

Part	Description	Count
Application	Mount.Ecrpytfs_Private_Project Mount.Ecrpytfs Private Project Mount.Ecrpytfs Private -	1

Common Weakness Enumeration (CWE)

CWE-254 - 7PK - Security Features

Nessus

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2011-11871.NASL
description	- fix incorrect mtab group ownership Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	56349
published	2011-10-03
reporter	This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/56349
title	Fedora 16 : ecryptfs-utils-90-2.fc16 (2011-11871)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2011-11871. # include("compat.inc"); if (description) { script_id(56349); script_version("1.13"); script_cvs_date("Date: 2019/08/02 13:32:33"); script_cve_id("CVE-2011-3145"); script_bugtraq_id(49287); script_xref(name:"FEDORA", value:"2011-11871"); script_name(english:"Fedora 16 : ecryptfs-utils-90-2.fc16 (2011-11871)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: " - fix incorrect mtab group ownership Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=732607" ); # https://lists.fedoraproject.org/pipermail/package-announce/2011-September/066577.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?f2a8743d" ); script_set_attribute( attribute:"solution", value:"Update the affected ecryptfs-utils package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ecryptfs-utils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:16"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/22"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/10/03"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^16([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 16.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC16", reference:"ecryptfs-utils-90-2.fc16")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ecryptfs-utils"); }

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2011-1241.NASL
description	Updated ecryptfs-utils packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. eCryptfs is a stacked, cryptographic file system. It is transparent to the underlying file system and provides per-file granularity. eCryptfs is released as a Technology Preview for Red Hat Enterprise Linux 5 and 6. The setuid mount.ecryptfs_private utility allows users to mount an eCryptfs file system. This utility can only be run by users in the
last seen	2020-06-01
modified	2020-06-02
plugin id	56273
published	2011-09-23
reporter	This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/56273
title	CentOS 5 : ecryptfs-utils (CESA-2011:1241)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2011:1241 and # CentOS Errata and Security Advisory 2011:1241 respectively. # include("compat.inc"); if (description) { script_id(56273); script_version("1.16"); script_cvs_date("Date: 2019/10/25 13:36:06"); script_cve_id("CVE-2011-1831", "CVE-2011-1832", "CVE-2011-1833", "CVE-2011-1834", "CVE-2011-1835", "CVE-2011-1837", "CVE-2011-3145"); script_bugtraq_id(49108, 49287); script_xref(name:"RHSA", value:"2011:1241"); script_name(english:"CentOS 5 : ecryptfs-utils (CESA-2011:1241)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated ecryptfs-utils packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. eCryptfs is a stacked, cryptographic file system. It is transparent to the underlying file system and provides per-file granularity. eCryptfs is released as a Technology Preview for Red Hat Enterprise Linux 5 and 6. The setuid mount.ecryptfs_private utility allows users to mount an eCryptfs file system. This utility can only be run by users in the 'ecryptfs' group. A race condition flaw was found in the way mount.ecryptfs_private checked the permissions of a requested mount point when mounting an encrypted file system. A local attacker could possibly use this flaw to escalate their privileges by mounting over an arbitrary directory. (CVE-2011-1831) A race condition flaw in umount.ecryptfs_private could allow a local attacker to unmount an arbitrary file system. (CVE-2011-1832) It was found that mount.ecryptfs_private did not handle certain errors correctly when updating the mtab (mounted file systems table) file, allowing a local attacker to corrupt the mtab file and possibly unmount an arbitrary file system. (CVE-2011-1834) An insecure temporary file use flaw was found in the ecryptfs-setup-private script. A local attacker could use this script to insert their own key that will subsequently be used by a new user, possibly giving the attacker access to the user's encrypted data if existing file permissions allow access. (CVE-2011-1835) A race condition flaw in mount.ecryptfs_private could allow a local attacker to overwrite arbitrary files. (CVE-2011-1837) A race condition flaw in the way temporary files were accessed in mount.ecryptfs_private could allow a malicious, local user to make arbitrary modifications to the mtab file. (CVE-2011-3145) A race condition flaw was found in the way mount.ecryptfs_private checked the permissions of the directory to mount. A local attacker could use this flaw to mount (and then access) a directory they would otherwise not have access to. Note: The fix for this issue is incomplete until a kernel-space change is made. Future Red Hat Enterprise Linux 5 and 6 kernel updates will correct this issue. (CVE-2011-1833) Red Hat would like to thank the Ubuntu Security Team for reporting these issues. The Ubuntu Security Team acknowledges Vasiliy Kulikov of Openwall and Dan Rosenberg as the original reporters of CVE-2011-1831, CVE-2011-1832, and CVE-2011-1833; Dan Rosenberg and Marc Deslauriers as the original reporters of CVE-2011-1834; Marc Deslauriers as the original reporter of CVE-2011-1835; and Vasiliy Kulikov of Openwall as the original reporter of CVE-2011-1837. Users of ecryptfs-utils are advised to upgrade to these updated packages, which contain backported patches to correct these issues." ); # https://lists.centos.org/pipermail/centos-announce/2011-September/017811.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?52413165" ); # https://lists.centos.org/pipermail/centos-announce/2011-September/017812.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?db14ec10" ); # https://lists.centos.org/pipermail/centos-cr-announce/2011-September/000040.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?af9cba0b" ); # https://lists.centos.org/pipermail/centos-cr-announce/2011-September/000041.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?2e894d9a" ); script_set_attribute( attribute:"solution", value:"Update the affected ecryptfs-utils packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ecryptfs-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ecryptfs-utils-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ecryptfs-utils-gui"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/03"); script_set_attribute(attribute:"patch_publication_date", value:"2011/09/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/09/23"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) \|\| "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^5([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-5", reference:"ecryptfs-utils-75-5.el5_7.2")) flag++; if (rpm_check(release:"CentOS-5", reference:"ecryptfs-utils-devel-75-5.el5_7.2")) flag++; if (rpm_check(release:"CentOS-5", reference:"ecryptfs-utils-gui-75-5.el5_7.2")) flag++; if (flag) { cr_plugin_caveat = '\n' + 'NOTE: The security advisory associated with this vulnerability has a\n' + 'fixed package version that may only be available in the continuous\n' + 'release (CR) repository for CentOS, until it is present in the next\n' + 'point release of CentOS.\n\n' + 'If an equal or higher package level does not exist in the baseline\n' + 'repository for your major version of CentOS, then updates from the CR\n' + 'repository will need to be applied in order to address the\n' + 'vulnerability.\n'; security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + cr_plugin_caveat ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ecryptfs-utils / ecryptfs-utils-devel / ecryptfs-utils-gui"); }

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20110831_ECRYPTFS_UTILS_ON_SL5_X.NASL
description	eCryptfs is a stacked, cryptographic file system. It is transparent to the underlying file system and provides per-file granularity. The setuid mount.ecryptfs_private utility allows users to mount an eCryptfs file system. This utility can only be run by users in the
last seen	2020-06-01
modified	2020-06-02
plugin id	61124
published	2012-08-01
reporter	This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/61124
title	Scientific Linux Security Update : ecryptfs-utils on SL5.x, SL6.x i386/x86_64
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(61124); script_version("1.7"); script_cvs_date("Date: 2019/10/25 13:36:20"); script_cve_id("CVE-2011-1831", "CVE-2011-3145"); script_name(english:"Scientific Linux Security Update : ecryptfs-utils on SL5.x, SL6.x i386/x86_64"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "eCryptfs is a stacked, cryptographic file system. It is transparent to the underlying file system and provides per-file granularity. The setuid mount.ecryptfs_private utility allows users to mount an eCryptfs file system. This utility can only be run by users in the 'ecryptfs' group. A race condition flaw was found in the way mount.ecryptfs_private checked the permissions of a requested mount point when mounting an encrypted file system. A local attacker could possibly use this flaw to escalate their privileges by mounting over an arbitrary directory. (CVE-2011-1831) A race condition flaw in umount.ecryptfs_private could allow a local attacker to unmount an arbitrary file system. (CVE-2011-1832) It was found that mount.ecryptfs_private did not handle certain errors correctly when updating the mtab (mounted file systems table) file, allowing a local attacker to corrupt the mtab file and possibly unmount an arbitrary file system. (CVE-2011-1834) An insecure temporary file use flaw was found in the ecryptfs-setup-private script. A local attacker could use this script to insert their own key that will subsequently be used by a new user, possibly giving the attacker access to the user's encrypted data if existing file permissions allow access. (CVE-2011-1835) A race condition flaw in mount.ecryptfs_private could allow a local attacker to overwrite arbitrary files. (CVE-2011-1837) A race condition flaw in the way temporary files were accessed in mount.ecryptfs_private could allow a malicious, local user to make arbitrary modifications to the mtab file. (CVE-2011-3145) A race condition flaw was found in the way mount.ecryptfs_private checked the permissions of the directory to mount. A local attacker could use this flaw to mount (and then access) a directory they would otherwise not have access to. Note: The fix for this issue is incomplete until a kernel-space change is made. Future Scientific Linux 5 and 6 kernel updates will correct this issue. (CVE-2011-1833) Users of ecryptfs-utils are advised to upgrade to these updated packages, which contain backported patches to correct these issues." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1109&L=scientific-linux-errata&T=0&P=615 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?4fe712e0" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/02/15"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL5", reference:"ecryptfs-utils-75-5.el5_7.2")) flag++; if (rpm_check(release:"SL5", reference:"ecryptfs-utils-debuginfo-75-5.el5_7.2")) flag++; if (rpm_check(release:"SL5", reference:"ecryptfs-utils-devel-75-5.el5_7.2")) flag++; if (rpm_check(release:"SL5", reference:"ecryptfs-utils-gui-75-5.el5_7.2")) flag++; if (rpm_check(release:"SL6", reference:"ecryptfs-utils-82-6.el6_1.3")) flag++; if (rpm_check(release:"SL6", reference:"ecryptfs-utils-debuginfo-82-6.el6_1.3")) flag++; if (rpm_check(release:"SL6", reference:"ecryptfs-utils-devel-82-6.el6_1.3")) flag++; if (rpm_check(release:"SL6", reference:"ecryptfs-utils-python-82-6.el6_1.3")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_ECRYPTFS-UTILS-120420.NASL
description	ecryptfs-utils was updated to fix a security issue and some bugs. Security issue fixed: mount.ecryptfs_private did not set correct group ownerships when it modifies mtab. (CVE-2011-3145) Also some bugs that made this set of tools non-working were fixed. You need to manually hand setuid root permissions to /sbin/mount.ecryptfs_private if you want to use it as a non-root user.
last seen	2020-06-05
modified	2013-01-25
plugin id	64126
published	2013-01-25
reporter	This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/64126
title	SuSE 11.1 Security Update : ecryptfs-utils (SAT Patch Number 6187)

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-1196-1.NASL
description	It was discovered that eCryptfs incorrectly handled permissions when modifying the mtab file. A local attacker could use this flaw to manipulate the mtab file, and possibly unmount arbitrary locations, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	55968
published	2011-08-24
reporter	Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/55968
title	Ubuntu 10.04 LTS / 10.10 / 11.04 : ecryptfs-utils vulnerability (USN-1196-1)

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_3_ECRYPTFS-UTILS-111214.NASL
description	mount.ecrpytfs_private did not set correct group ownerships when it modifies mtab (CVE-2011-3145).
last seen	2020-06-01
modified	2020-06-02
plugin id	75474
published	2014-06-13
reporter	This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/75474
title	openSUSE Security Update : ecryptfs-utils (openSUSE-SU-2012:0106-1)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2011-11979.NASL
description	- fix incorrect mtab group ownership Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	56201
published	2011-09-15
reporter	This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/56201
title	Fedora 14 : ecryptfs-utils-90-2.fc14 (2011-11979)

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_4_ECRYPTFS-UTILS-111214.NASL
description	mount.ecrpytfs_private did not set correct group ownerships when it modifies mtab (CVE-2011-3145).
last seen	2020-06-01
modified	2020-06-02
plugin id	75822
published	2014-06-13
reporter	This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/75822
title	openSUSE Security Update : ecryptfs-utils (openSUSE-SU-2012:0106-1)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2011-1241.NASL
description	From Red Hat Security Advisory 2011:1241 : Updated ecryptfs-utils packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. eCryptfs is a stacked, cryptographic file system. It is transparent to the underlying file system and provides per-file granularity. eCryptfs is released as a Technology Preview for Red Hat Enterprise Linux 5 and 6. The setuid mount.ecryptfs_private utility allows users to mount an eCryptfs file system. This utility can only be run by users in the
last seen	2020-06-01
modified	2020-06-02
plugin id	68338
published	2013-07-12
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/68338
title	Oracle Linux 5 / 6 : ecryptfs-utils (ELSA-2011-1241)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2011-11936.NASL
description	- fix incorrect mtab group ownership Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	56200
published	2011-09-15
reporter	This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/56200
title	Fedora 15 : ecryptfs-utils-90-2.fc15 (2011-11936)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-2382.NASL
description	Several problems have been discovered in eCryptfs, a cryptographic filesystem for Linux. - CVE-2011-1831 Vasiliy Kulikov of Openwall and Dan Rosenberg discovered that eCryptfs incorrectly validated permissions on the requested mountpoint. A local attacker could use this flaw to mount to arbitrary locations, leading to privilege escalation. - CVE-2011-1832 Vasiliy Kulikov of Openwall and Dan Rosenberg discovered that eCryptfs incorrectly validated permissions on the requested mountpoint. A local attacker could use this flaw to unmount to arbitrary locations, leading to a denial of service. - CVE-2011-1834 Dan Rosenberg and Marc Deslauriers discovered that eCryptfs incorrectly handled modifications to the mtab file when an error occurs. A local attacker could use this flaw to corrupt the mtab file, and possibly unmount arbitrary locations, leading to a denial of service. - CVE-2011-1835 Marc Deslauriers discovered that eCryptfs incorrectly handled keys when setting up an encrypted private directory. A local attacker could use this flaw to manipulate keys during creation of a new user. - CVE-2011-1837 Vasiliy Kulikov of Openwall discovered that eCryptfs incorrectly handled lock counters. A local attacker could use this flaw to possibly overwrite arbitrary files. We acknowledge the work of the Ubuntu distribution in preparing patches suitable for near-direct inclusion in the Debian package.
last seen	2020-03-17
modified	2012-01-12
plugin id	57522
published	2012-01-12
reporter	This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/57522
title	Debian DSA-2382-1 : ecryptfs-utils - multiple vulnerabilities

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2011-1241.NASL
description	Updated ecryptfs-utils packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. eCryptfs is a stacked, cryptographic file system. It is transparent to the underlying file system and provides per-file granularity. eCryptfs is released as a Technology Preview for Red Hat Enterprise Linux 5 and 6. The setuid mount.ecryptfs_private utility allows users to mount an eCryptfs file system. This utility can only be run by users in the
last seen	2020-06-01
modified	2020-06-02
plugin id	56028
published	2011-09-01
reporter	This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/56028
title	RHEL 5 / 6 : ecryptfs-utils (RHSA-2011:1241)

Redhat

advisories

bugzilla

id	732607
title	CVE-2011-3145 ecryptfs-utils: incorrect mtab group ownership

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005

AND
comment ecryptfs-utils is earlier than 0:75-5.el5_7.2
oval oval:com.redhat.rhsa:tst:20111241001
comment ecryptfs-utils is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20091307004

AND

comment ecryptfs-utils-devel is earlier than 0:75-5.el5_7.2
oval oval:com.redhat.rhsa:tst:20111241003
comment ecryptfs-utils-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20091307002

AND

comment ecryptfs-utils-gui is earlier than 0:75-5.el5_7.2
oval oval:com.redhat.rhsa:tst:20111241005
comment ecryptfs-utils-gui is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20091307006

AND

comment Red Hat Enterprise Linux 6 is installed
oval oval:com.redhat.rhba:tst:20111656003

AND

comment ecryptfs-utils-devel is earlier than 0:82-6.el6_1.3
oval oval:com.redhat.rhsa:tst:20111241008
comment ecryptfs-utils-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20111241009

AND

comment ecryptfs-utils-python is earlier than 0:82-6.el6_1.3
oval oval:com.redhat.rhsa:tst:20111241010
comment ecryptfs-utils-python is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20111241011

AND
comment ecryptfs-utils is earlier than 0:82-6.el6_1.3
oval oval:com.redhat.rhsa:tst:20111241012
comment ecryptfs-utils is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20111241013

rhsa

id	RHSA-2011:1241
released	2011-08-31
severity	Moderate
title	RHSA-2011:1241: ecryptfs-utils security update (Moderate)

rpms

ecryptfs-utils-0:75-5.el5_7.2
ecryptfs-utils-0:82-6.el6_1.3
ecryptfs-utils-debuginfo-0:75-5.el5_7.2
ecryptfs-utils-debuginfo-0:82-6.el6_1.3
ecryptfs-utils-devel-0:75-5.el5_7.2
ecryptfs-utils-devel-0:82-6.el6_1.3
ecryptfs-utils-gui-0:75-5.el5_7.2
ecryptfs-utils-python-0:82-6.el6_1.3

References

http://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/558