Mandriva Linux Security Advisory : autofs (MDVSA-2008:009-1)

medium Nessus Plugin ID 37526

Synopsis

The remote Mandriva Linux host is missing a security update.

Description

The default behaviour of autofs 5 for the hosts map did not specify the nosuid and nodev mount options. This could allow a local user with control of a remote NFS server to create a setuid root executable on the exported filesystem of the remote NFS server. If this filesystem was mounted with the default hosts map, it would allow the user to obtain root privileges (CVE-2007-5964). Likewise, the same scenario would be available for local users able to create device files on the exported filesystem which could allow the user to gain access to important system devices (CVE-2007-6285).

Because the default behaviour of autofs was to mount -hosts map entries with the dev and suid options enabled by default, autofs has been altered to always use nodev and nosuid by default. In order to have the old behaviour, the configuration must now explicitly set the dev and/or suid options.

This change only affects the -hosts map which corresponds to the /net entry in the default configuration.

Update :

The previous update shipped with an incorrect LDAP lookup module that would prevent the automount daemon from starting. This update corrects that problem.

Solution

Update the affected autofs package.

Plugin Details

Severity: Medium

ID: 37526

File Name: mandriva_MDVSA-2008-009.nasl

Version: 1.14

Type: local

Published: 4/23/2009

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:autofs, cpe:/o:mandriva:linux:2007.1, cpe:/o:mandriva:linux:2008.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 1/12/2008

Reference Information

CVE: CVE-2007-5964, CVE-2007-6285

CWE: 16

MDVSA: 2008:009-1