CVE-2011-1089

by Fred · 09/04/2011

The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296.

Date published : 2011-04-09

http://www.securityfocus.com/bid/46740

http://www.mandriva.com/security/advisories?name=MDVSA-2011:178

CVE-2011-1089

Similar

Recent Posts

Categories

CVE-2011-1089

Share this:

Similar

Recent Posts

Categories

Tags