CVE-2008-3970

pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
pam_mountpam_mount
0.10
pam_mountpam_mount
0.11
pam_mountpam_mount
0.12.2
pam_mountpam_mount
0.13
pam_mountpam_mount
0.15
pam_mountpam_mount
0.16
pam_mountpam_mount
0.17
pam_mountpam_mount
0.18
pam_mountpam_mount
0.19
pam_mountpam_mount
0.20
pam_mountpam_mount
0.21
pam_mountpam_mount
0.26
pam_mountpam_mount
0.27
pam_mountpam_mount
0.28
pam_mountpam_mount
0.29
pam_mountpam_mount
0.31
pam_mountpam_mount
0.32
pam_mountpam_mount
0.35
pam_mountpam_mount
0.35.1
pam_mountpam_mount
0.37
pam_mountpam_mount
0.38
pam_mountpam_mount
0.39
pam_mountpam_mount
0.40
pam_mountpam_mount
0.41
pam_mountpam_mount
0.43
pam_mountpam_mount
0.44
pam_mountpam_mount
0.45
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libpam-mount
bullseye
2.18-1
fixed
bookworm
2.19-1
fixed
sid
2.20-3
fixed
trixie
2.20-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libpam-mount
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
ignored
hardy
ignored
gutsy
ignored
feisty
ignored
dapper
ignored
Common Weakness Enumeration
References
http://dev.medozas.de/gitweb.cgi?p=pam_mount%3Ba=commitdiff%3Bh=33b91d7659ae3aa78b1e94fd3f8e545ae5ff25db
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html
http://sourceforge.net/mailarchive/forum.php?thread_name=alpine.LNX.1.10.0809042353120.17569%40fbirervta.pbzchgretzou.qr&forum_name=pam-mount-user
http://sourceforge.net/project/shownotes.php?release_id=624240
http://www.mandriva.com/security/advisories?name=MDVSA-2008:208
http://www.openwall.com/lists/oss-security/2008/09/06/3
http://www.openwall.com/lists/oss-security/2008/09/09/12
http://www.securityfocus.com/bid/31041
https://exchange.xforce.ibmcloud.com/vulnerabilities/44960
http://dev.medozas.de/gitweb.cgi?p=pam_mount%3Ba=commitdiff%3Bh=33b91d7659ae3aa78b1e94fd3f8e545ae5ff25db
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html
http://sourceforge.net/mailarchive/forum.php?thread_name=alpine.LNX.1.10.0809042353120.17569%40fbirervta.pbzchgretzou.qr&forum_name=pam-mount-user
http://sourceforge.net/project/shownotes.php?release_id=624240
http://www.mandriva.com/security/advisories?name=MDVSA-2008:208
http://www.openwall.com/lists/oss-security/2008/09/06/3
http://www.openwall.com/lists/oss-security/2008/09/09/12
http://www.securityfocus.com/bid/31041
https://exchange.xforce.ibmcloud.com/vulnerabilities/44960