CVE - CVE-2011-1011

CVE-ID
CVE-2011-1011	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1025291 URL:http://www.securitytracker.com/id?1025291 MISC:20110222 Developers should not rely on the stickiness of /tmp on Red Hat Linux URL:http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0585.html MISC:43415 URL:http://secunia.com/advisories/43415 MISC:43844 URL:http://secunia.com/advisories/43844 MISC:44034 URL:http://secunia.com/advisories/44034 MISC:46510 URL:http://www.securityfocus.com/bid/46510 MISC:ADV-2011-0701 URL:~~http://www.vupen.com/english/advisories/2011/0701~~ (Obsolete source) MISC:ADV-2011-0864 URL:~~http://www.vupen.com/english/advisories/2011/0864~~ (Obsolete source) MISC:FEDORA-2011-3043 URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056227.html MISC:RHSA-2011:0414 URL:http://www.redhat.com/support/errata/RHSA-2011-0414.html MISC:[oss-security] 20110222 CVE Request URL:http://openwall.com/lists/oss-security/2011/02/23/1 MISC:[oss-security] 20110223 Re: CVE Request URL:http://openwall.com/lists/oss-security/2011/02/23/2 MISC:http://pkgs.fedoraproject.org/gitweb/?p=policycoreutils.git%3Ba=blob%3Bf=policycoreutils-rhat.patch%3Bh=d4db5bc06027de23d12a4b3f18fa6f9b1517df27%3Bhb=HEAD#l2197 URL:http://pkgs.fedoraproject.org/gitweb/?p=policycoreutils.git%3Ba=blob%3Bf=policycoreutils-rhat.patch%3Bh=d4db5bc06027de23d12a4b3f18fa6f9b1517df27%3Bhb=HEAD#l2197 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=633544 URL:https://bugzilla.redhat.com/show_bug.cgi?id=633544 MISC:policycoreutils-seunshare-symlink(65641) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/65641
Assigning CNA
Red Hat, Inc.
Date Record Created
20110214	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20110214)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)