MidnightBSD

Advisories for pam_mount

CVE-2008-3970 MEDIUM

pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
pam_mount pam_mount 0.26
pam_mount pam_mount 0.31
pam_mount pam_mount 0.45
pam_mount pam_mount 0.28
pam_mount pam_mount 0.35
pam_mount pam_mount 0.29
pam_mount pam_mount 0.39
pam_mount pam_mount 0.20
pam_mount pam_mount 0.37
pam_mount pam_mount 0.12.2
pam_mount pam_mount 0.32
pam_mount pam_mount 0.35.1
pam_mount pam_mount 0.16
pam_mount pam_mount 0.10
pam_mount pam_mount 0.38
pam_mount pam_mount 0.27
pam_mount pam_mount 0.41
pam_mount pam_mount 0.43
pam_mount pam_mount 0.44
pam_mount pam_mount 0.13
pam_mount pam_mount 0.40
pam_mount pam_mount 0.15
pam_mount pam_mount 0.18
pam_mount pam_mount 0.11
pam_mount pam_mount 0.17
pam_mount pam_mount 0.21
pam_mount pam_mount 0.19