2.17.2

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

kernel

CWE-200

nessus

NVD

Published: 2014-01-21

Updated: 2014-01-22

Summary

(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line option or (2) attempting to mount a non-existent device, which generates different error messages depending on whether the directory exists.

Vulnerable Configurations

Part	Description	Count
Application	Kernel Kernel Util Linux 2.14.1 Kernel Util Linux 2.17.2	2

Common Weakness Enumeration (CWE)

CWE-200 - Information Exposure

Common Attack Pattern Enumeration and Classification (CAPEC)

Subverting Environment Variable Values
The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
Footprinting
An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
Exploiting Trust in Client (aka Make the Client Invisible)
An attack of this type exploits a programs' vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
Browser Fingerprinting
An attacker carefully crafts small snippets of Java Script to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via Java Script as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in Java Script and in response to the same web page request by the browser.
Session Credential Falsification through Prediction
This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.

Nessus

NASL family	Mandriva Local Security Checks
NASL id	MANDRIVA_MDVSA-2013-154.NASL
description	A vulnerability has been found and corrected in util-linux : An information disclosure flaw was found in the way the mount command reported errors. A local attacker could use this flaw to determine the existence of files and directories they do not have access to (CVE-2013-0157). Additionally for Mandriva Enterprise Server 5 a patch was added to support a new --no-canonicalize switch for mount to support the fix for CVE-2010-3879 in fuse. The updated packages have been patched to correct these issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	66265
published	2013-04-30
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/66265
title	Mandriva Linux Security Advisory : util-linux (MDVSA-2013:154)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2013:154. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(66265); script_version("1.9"); script_cvs_date("Date: 2019/08/02 13:32:55"); script_cve_id("CVE-2013-0157"); script_bugtraq_id(57168); script_xref(name:"MDVSA", value:"2013:154"); script_name(english:"Mandriva Linux Security Advisory : util-linux (MDVSA-2013:154)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A vulnerability has been found and corrected in util-linux : An information disclosure flaw was found in the way the mount command reported errors. A local attacker could use this flaw to determine the existence of files and directories they do not have access to (CVE-2013-0157). Additionally for Mandriva Enterprise Server 5 a patch was added to support a new --no-canonicalize switch for mount to support the fix for CVE-2010-3879 in fuse. The updated packages have been patched to correct these issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=892330" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64blkid-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64blkid1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mount-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mount1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64uuid-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64uuid1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:util-linux"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:uuidd"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1"); script_set_attribute(attribute:"patch_publication_date", value:"2013/04/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/04/30"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64\|i[3-6]86\|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64blkid-devel-2.21.1-2.1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64blkid1-2.21.1-2.1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64mount-devel-2.21.1-2.1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64mount1-2.21.1-2.1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64uuid-devel-2.21.1-2.1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64uuid1-2.21.1-2.1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"util-linux-2.21.1-2.1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"uuidd-2.21.1-2.1.mbs1")) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get()); else security_note(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2013-0517.NASL
description	Updated util-linux-ng packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The util-linux-ng packages contain a large variety of low-level system utilities that are necessary for a Linux operating system to function. An information disclosure flaw was found in the way the mount command reported errors. A local attacker could use this flaw to determine the existence of files and directories they do not have access to. (CVE-2013-0157) These updated util-linux-ng packages include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.4 Technical Notes, linked to in the References, for information on the most significant of these changes. All users of util-linux-ng are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.
last seen	2020-06-01
modified	2020-06-02
plugin id	64765
published	2013-02-21
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/64765
title	RHEL 6 : util-linux-ng (RHSA-2013:0517)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2013:0517. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(64765); script_version("1.17"); script_cvs_date("Date: 2019/10/24 15:35:36"); script_cve_id("CVE-2013-0157"); script_bugtraq_id(57168); script_xref(name:"RHSA", value:"2013:0517"); script_name(english:"RHEL 6 : util-linux-ng (RHSA-2013:0517)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated util-linux-ng packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The util-linux-ng packages contain a large variety of low-level system utilities that are necessary for a Linux operating system to function. An information disclosure flaw was found in the way the mount command reported errors. A local attacker could use this flaw to determine the existence of files and directories they do not have access to. (CVE-2013-0157) These updated util-linux-ng packages include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.4 Technical Notes, linked to in the References, for information on the most significant of these changes. All users of util-linux-ng are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements." ); # https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?b5caa05f" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2013:0517" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2013-0157" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libblkid"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libblkid-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libuuid"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libuuid-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:util-linux-ng"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:util-linux-ng-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:uuidd"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/01/21"); script_set_attribute(attribute:"patch_publication_date", value:"2013/02/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/02/21"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2013:0517"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_NOTE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL6", reference:"libblkid-2.17.2-12.9.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"libblkid-devel-2.17.2-12.9.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"libuuid-2.17.2-12.9.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"libuuid-devel-2.17.2-12.9.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"util-linux-ng-2.17.2-12.9.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"util-linux-ng-debuginfo-2.17.2-12.9.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"uuidd-2.17.2-12.9.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"uuidd-2.17.2-12.9.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"uuidd-2.17.2-12.9.el6")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_NOTE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libblkid / libblkid-devel / libuuid / libuuid-devel / util-linux-ng / etc"); } }

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201405-15.NASL
description	The remote host is affected by the vulnerability described in GLSA-201405-15 (util-linux: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in util-linux. Please review the CVE identifiers referenced below for details. Impact : A local attacker may be able to cause a Denial of Service condition, trigger corruption of /etc/mtab, obtain sensitive information, or have other unspecified impact. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	74058
published	2014-05-19
reporter	This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/74058
title	GLSA-201405-15 : util-linux: Multiple vulnerabilities
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201405-15. # # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(74058); script_version("1.4"); script_cvs_date("Date: 2018/12/05 20:31:22"); script_cve_id("CVE-2011-1675", "CVE-2011-1676", "CVE-2011-1677", "CVE-2013-0157"); script_bugtraq_id(50941, 57168); script_xref(name:"GLSA", value:"201405-15"); script_name(english:"GLSA-201405-15 : util-linux: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201405-15 (util-linux: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in util-linux. Please review the CVE identifiers referenced below for details. Impact : A local attacker may be able to cause a Denial of Service condition, trigger corruption of /etc/mtab, obtain sensitive information, or have other unspecified impact. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201405-15" ); script_set_attribute( attribute:"solution", value: "All util-linux users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=sys-apps/util-linux-2.22.2'" ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:util-linux"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2014/05/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/05/19"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"sys-apps/util-linux", unaffected:make_list("ge 2.22.2"), vulnerable:make_list("lt 2.22.2"))) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get()); else security_warning(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "util-linux"); }

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20130221_UTIL_LINUX_NG_ON_SL6_X.NASL
description	An information disclosure flaw was found in the way the mount command reported errors. A local attacker could use this flaw to determine the existence of files and directories they do not have access to. (CVE-2013-0157)
last seen	2020-03-18
modified	2013-03-05
plugin id	65017
published	2013-03-05
reporter	This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/65017
title	Scientific Linux Security Update : util-linux-ng on SL6.x i386/x86_64 (20130221)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2013-0579.NASL
description	An updated rhev-hypervisor6 package that fixes three security issues, various bugs, and adds an enhancement is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way the vhost kernel module handled descriptors that spanned multiple regions. A privileged guest user could use this flaw to crash the host or, potentially, escalate their privileges on the host. (CVE-2013-0311) It was found that the default SCSI command filter does not accommodate commands that overlap across device classes. A privileged guest user could potentially use this flaw to write arbitrary data to a LUN that is passed-through as read-only. (CVE-2012-4542) It was discovered that dnsmasq, when used in combination with certain libvirtd configurations, could incorrectly process network packets from network interfaces that were intended to be prohibited. A remote, unauthenticated attacker could exploit this flaw to cause a denial of service via DNS amplification attacks. (CVE-2012-3411) The CVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat. This updated package provides updated components that include fixes for several security issues. These issues had no security impact on Red Hat Enterprise Virtualization Hypervisor itself, however. The security fixes included in this update address the following CVE numbers : CVE-2012-3955 (dhcp issue) CVE-2011-4355 (gdb issue) CVE-2012-4508, CVE-2013-0190, CVE-2013-0309, and CVE-2013-0310 (kernel issues) CVE-2012-5536 (openssh issue) CVE-2011-3148 and CVE-2011-3149 (pam issues) CVE-2013-0157 (util-linux-ng issue) This updated Red Hat Enterprise Virtualization Hypervisor package also fixes the following bugs : * Previously, the Administration Portal would always display the option to upgrade the Red Hat Enterprise Virtualization Hypervisor ISO regardless of whether or not the selected host was up-to-date. Now, the VDSM version compatibility is considered and the upgrade message only displays if there is an upgrade relevant to the host available. (BZ#853092) * An out of date version of libvirt was included in the Red Hat Enterprise Virtualization Hypervisor 6.4 package. As a result, virtual machines with supported CPU models were not being properly parsed by libvirt and failed to start. A more recent version of libvirt has been included in this updated hypervisor package. Virtual machines now start normally. (BZ#895078) As well, this update adds the following enhancement : * Hypervisor packages now take advantage of the installonlypkg function provided by yum. This allows for multiple versions of the hypervisor package to be installed on a system concurrently without making changes to the yum configuration as was previously required. (BZ#863579) This update includes the ovirt-node build from RHBA-2013:0556 : https://rhn.redhat.com/errata/RHBA-2013-0556.html Users of the Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package, which fixes these issues and adds this enhancement.
last seen	2020-06-01
modified	2020-06-02
plugin id	78950
published	2014-11-08
reporter	This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/78950
title	RHEL 6 : rhev-hypervisor6 (RHSA-2013:0579)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2013-0517.NASL
description	Updated util-linux-ng packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The util-linux-ng packages contain a large variety of low-level system utilities that are necessary for a Linux operating system to function. An information disclosure flaw was found in the way the mount command reported errors. A local attacker could use this flaw to determine the existence of files and directories they do not have access to. (CVE-2013-0157) These updated util-linux-ng packages include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.4 Technical Notes, linked to in the References, for information on the most significant of these changes. All users of util-linux-ng are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.
last seen	2020-06-01
modified	2020-06-02
plugin id	65149
published	2013-03-10
reporter	This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/65149
title	CentOS 6 : util-linux-ng (CESA-2013:0517)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2013-0517.NASL
description	From Red Hat Security Advisory 2013:0517 : Updated util-linux-ng packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The util-linux-ng packages contain a large variety of low-level system utilities that are necessary for a Linux operating system to function. An information disclosure flaw was found in the way the mount command reported errors. A local attacker could use this flaw to determine the existence of files and directories they do not have access to. (CVE-2013-0157) These updated util-linux-ng packages include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.4 Technical Notes, linked to in the References, for information on the most significant of these changes. All users of util-linux-ng are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.
last seen	2020-06-01
modified	2020-06-02
plugin id	68754
published	2013-07-12
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/68754
title	Oracle Linux 6 : util-linux-ng (ELSA-2013-0517)

Redhat

advisories

bugzilla

id	892330
title	CVE-2013-0157 util-linux: mount folder existence information disclosure

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 6 is installed
oval oval:com.redhat.rhba:tst:20111656003

AND
comment libuuid-devel is earlier than 0:2.17.2-12.9.el6
oval oval:com.redhat.rhsa:tst:20130517001
comment libuuid-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20111691004

AND

comment libblkid-devel is earlier than 0:2.17.2-12.9.el6
oval oval:com.redhat.rhsa:tst:20130517003
comment libblkid-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20111691002

AND
comment libblkid is earlier than 0:2.17.2-12.9.el6
oval oval:com.redhat.rhsa:tst:20130517005
comment libblkid is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20111691012
AND
comment libuuid is earlier than 0:2.17.2-12.9.el6
oval oval:com.redhat.rhsa:tst:20130517007
comment libuuid is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20111691008
AND
comment util-linux-ng is earlier than 0:2.17.2-12.9.el6
oval oval:com.redhat.rhsa:tst:20130517009
comment util-linux-ng is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20111691006
AND
comment uuidd is earlier than 0:2.17.2-12.9.el6
oval oval:com.redhat.rhsa:tst:20130517011
comment uuidd is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20111691010

rhsa

id	RHSA-2013:0517
released	2013-02-20
severity	Low
title	RHSA-2013:0517: util-linux-ng security, bug fix and enhancement update (Low)

rpms

libblkid-0:2.17.2-12.9.el6
libblkid-devel-0:2.17.2-12.9.el6
libuuid-0:2.17.2-12.9.el6
libuuid-devel-0:2.17.2-12.9.el6
util-linux-ng-0:2.17.2-12.9.el6
util-linux-ng-debuginfo-0:2.17.2-12.9.el6
uuidd-0:2.17.2-12.9.el6

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Nessus

Redhat

References