Please also feel free to using our GPG key (found on our About page) or email us at This email address is being protected from spambots. You need JavaScript enabled to view it.
After many months in development, LinuxSecurity is pleased to announce the public beta of our new site with more of the stuff we love best - the latest news, advisories, feature articles, interviews, and other content relevant to the Linux user.
While we work out any last-minute issues during this beta period, we would really appreciate your input. We need your help to identify any bugs or features we may have missed. See something you really like or don't like? Please share your thoughts!
Alasdair MacGregor discovered that mountall created a udev rule filewith world-writable permissions. A local attacker could exploit thisunder certain conditions to cause udev to execute arbitrary commands asthe root user. [More...]
===========================================================
Ubuntu Security Notice USN-985-1 September 08, 2010
mountall vulnerability
CVE-2010-2961
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 10.04 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 10.04 LTS:
mountall 2.15.2
In general, a standard system update will make all the necessary changes.
Details follow:
Alasdair MacGregor discovered that mountall created a udev rule file
with world-writable permissions. A local attacker could exploit this
under certain conditions to cause udev to execute arbitrary commands as
the root user.
Updated packages for Ubuntu 10.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/m/mountall/mountall_2.15.2.dsc
Size/MD5: 972 92e488f0e51ab3c20ddf537fdc92fd24
http://security.ubuntu.com/ubuntu/pool/main/m/mountall/mountall_2.15.2.tar.gz
Size/MD5: 564582 036e6a108a9bc0c2155a7226ad5437c3
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/m/mountall/mountall_2.15.2_amd64.deb
Size/MD5: 56016 76dc051afb8a20077f0c0b709369d6c0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/m/mountall/mountall_2.15.2_i386.deb
Size/MD5: 52384 42ebb3fa3f81ed1a08270d48a8f6b367
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/m/mountall/mountall_2.15.2_powerpc.deb
Size/MD5: 55780 cf51c1268b9b188150f9d2131882d8bb
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/m/mountall/mountall_2.15.2_sparc.deb
Size/MD5: 56758 276c85acaf4feaa54c53615f0a572b8b
[{"id":"87","title":"Excellent, don't change a thing!","votes":"64","type":"x","order":"1","pct":57.14,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":13.39,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"33","type":"x","order":"3","pct":29.46,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
bottom200
Copyright 2019 Guardian Digital, Inc. All rights reserved.
You are not authorised to post comments.