SuSE 11.1 Security Update : FUSE (SAT Patch Number 4095)

medium Nessus Plugin ID 53231
New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.

VPR Score: 4.5

Synopsis

The remote SuSE 11 host is missing one or more security updates.

Description

The following security issues were fixed :

- FUSE allowed local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem. (CVE-2010-3879)

- Avoid mounting a directory including evaluation of symlinks, which might have allowed local attackers to mount filesystems anywhere in the system.
(CVE-2011-0541)

- Avoid symlink attacks on the mount point written in the mtab file. Four bugs were fixed:. (CVE-2011-0543)

- fixed retrying nfs mounts on rpc timeouts

- allow seperate control of the internet protocol uses by rpc.mount seperately of the protocol used by nfs.

- Fixed locking in libuuid/uuid to avoid duplicate uuids.

- mkswap bad block check marked every block bad in O(n!) time on a good device New features were implemented :

- mount now has --fake and --no-canonicalize options, required for the symlink security fixes. These were backported from mainline.

- mount can now auto-detect and differentiate between squashfs3 and squashfs (v4) filesystems, allowing backward compatibility to the SUSE Linux Enterprise 11 GA codebase.

Solution

Apply SAT patch number 4095.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=635393

https://bugzilla.novell.com/show_bug.cgi?id=651598

https://bugzilla.novell.com/show_bug.cgi?id=663385

https://bugzilla.novell.com/show_bug.cgi?id=666893

https://bugzilla.novell.com/show_bug.cgi?id=667215

https://bugzilla.novell.com/show_bug.cgi?id=668820

http://support.novell.com/security/cve/CVE-2010-3879.html

http://support.novell.com/security/cve/CVE-2011-0541.html

http://support.novell.com/security/cve/CVE-2011-0543.html

Plugin Details

Severity: Medium

ID: 53231

File Name: suse_11_util-linux-and-fuse-201103-110302.nasl

Version: 1.7

Type: local

Agent: unix

Published: 3/31/2011

Updated: 1/19/2021

Dependencies: ssh_get_info.nasl

Risk Information

Risk Factor: Medium

VPR Score: 4.5

CVSS v2.0

Base Score: 5.8

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:fuse, p-cpe:/a:novell:suse_linux:11:libblkid1, p-cpe:/a:novell:suse_linux:11:libfuse2, p-cpe:/a:novell:suse_linux:11:libuuid-devel, p-cpe:/a:novell:suse_linux:11:libuuid1, p-cpe:/a:novell:suse_linux:11:libuuid1-32bit, p-cpe:/a:novell:suse_linux:11:util-linux, p-cpe:/a:novell:suse_linux:11:util-linux-lang, p-cpe:/a:novell:suse_linux:11:uuid-runtime, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 3/2/2011

Reference Information

CVE: CVE-2010-3879, CVE-2011-0541, CVE-2011-0543