Ubuntu Security Notice (C) 2005-2013 Canonical, Inc. / NASL script (C) 2006-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
David Watson discovered that 'umount -r' removed some restrictive
mount options like the 'nosuid' flag. If /etc/fstab contains
user-mountable removable devices which specify the 'nosuid' flag
(which is common practice for such devices), a local attacker could
exploit this to execute arbitrary programs with root privileges by
calling 'umount -r' on a removable device.
This does not affect the default Ubuntu configuration. Since Ubuntu
mounts removable devices automatically, there is normally no need to
configure them manually in /etc/fstab.
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.2
Family: Ubuntu Local Security Checks
Nessus Plugin ID: 20595 ()
CVE ID: CVE-2005-2876
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.