MidnightBSD

Advisories for nilf

CVE-2009-2657 MEDIUM

nilfs-utils before 2.0.14 installs multiple programs with unnecessary setuid privileges, which allows local users to execute arbitrary commands via the device string in a -c command line option to mkfs.nilfs2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
nilf nilfs 1.0.6
nilf nilfs 2.0.12
nilf nilfs 1.0.17
nilf nilfs 1.0.16
nilf nilfs 1.0.11
nilf nilfs 1.0.8
nilf nilfs 2.0.9
nilf nilfs 1.0.10
nilf nilfs 2.0.5
nilf nilfs 2.0.10
nilf nilfs 1.0.13
nilf nilfs 2.0.1
nilf nilfs 2.0.2
nilf nilfs 1.0.5
nilf nilfs 1.0.18
nilf nilfs 1.0.0
nilf nilfs 2.0.4
nilf nilfs 2.0.7
nilf nilfs 1.0.14
nilf nilfs 1.0.15
nilf nilfs 1.0.7
nilf nilfs 1.0.3
nilf nilfs 2.0.6
nilf nilfs 1.0.12
nilf nilfs 1.0.4
nilf nilfs 1.0.1
nilf nilfs *
nilf nilfs 2.0.0
nilf nilfs 1.0.2
nilf nilfs 1.0.9