CVE-2007-6285 - The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterp

CVE-2007-6285

Summary

The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special device files on that server, as demonstrated by the /dev/mem device.

References

Vulnerable Configurations

cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

CVSS

Base:	6.2 (as of 29-09-2017 - 01:29)
Impact:
Exploitability:

CWE

CWE-16

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:H/Au:N/C:C/I:C/A:C

oval via4

accepted

2013-04-29T04:14:11.685-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990
comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

family

unix

oval:org.mitre.oval:def:11457

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

redhat via4

advisories

bugzilla

id	426218
title	CVE-2007-6285 autofs default doesn't set nodev in /net

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005
comment autofs is earlier than 1:5.0.1-0.rc2.55.el5.2
oval oval:com.redhat.rhsa:tst:20071176001
comment autofs is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20071128002

rhsa

id	RHSA-2007:1176
released	2007-12-20
severity	Important
title	RHSA-2007:1176: autofs security update (Important)

bugzilla

id	426218
title	CVE-2007-6285 autofs default doesn't set nodev in /net

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 4 is installed
oval oval:com.redhat.rhba:tst:20070304025
comment autofs5 is earlier than 1:5.0.1-0.rc2.55.el4_6.2
oval oval:com.redhat.rhsa:tst:20071177001
comment autofs5 is signed with Red Hat master key
oval oval:com.redhat.rhsa:tst:20071129002

rhsa

id	RHSA-2007:1177
released	2007-12-20
severity	Important
title	RHSA-2007:1177: autofs5 security update (Important)

rpms

autofs-1:5.0.1-0.rc2.55.el5.2
autofs-debuginfo-1:5.0.1-0.rc2.55.el5.2
autofs5-1:5.0.1-0.rc2.55.el4_6.2
autofs5-debuginfo-1:5.0.1-0.rc2.55.el4_6.2

refmap via4

bid	26970
fedora	FEDORA-2007-4707 FEDORA-2007-4709
mandriva	MDVSA-2008:009
misc	https://bugzilla.redhat.com/show_bug.cgi?id=426218
osvdb	40442
sectrack	1019137
secunia	28156 28168 28456
xf	autofs-hostsmap-weak-securtiy(39188)

Last major update

29-09-2017 - 01:29

Published

20-12-2007 - 22:46

Last modified

29-09-2017 - 01:29