CVE-2011-1835

Published Feb 15, 2014

Last updated 11 years ago

CVSS info 4.4

Overview

Description: The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps.
Source: security@ubuntu.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.4
Impact score: 6.4
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-255

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9E226CD-F9E6-4B09-93B9-569D0FBDE943",
            "versionEndIncluding": "89"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:62:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D197F4A3-473A-48FF-9C7F-658C6C1A6447"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:63:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "723E43D2-1130-424E-915E-1A6272FCEB41"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:64:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E01C51EC-BE54-48B9-B9A5-740836C97B01"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:65:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AFDA6DA-B6D7-4AAC-9288-A6AA459BE69B"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:66:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC251173-56EF-47A9-A119-F9C274BAD2CF"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:67:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "605ABD47-0352-49ED-A144-7C5696E38C4D"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:68:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93457510-CCBF-4D63-B308-060BBAC06D2F"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:69:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0C9AC87-2A7B-45B5-BE9C-8244B777FAA2"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:70:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FC81566-A73B-463B-86AE-D81B25C5849E"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:71:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD2BA072-A019-42FA-946D-53E01AC034AB"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:72:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77BDB4AC-112A-4CE9-88C7-4DEC352C7766"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:73:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "574C934F-BDE7-4917-B24D-586DF6E148F4"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:74:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74DB67B9-A924-4228-918F-322838B74E48"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:75:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6916E70E-C639-4880-83AC-5A90C589FFDF"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:76:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF0B9852-4258-4963-98C4-7FED40BB0BC9"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:77:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1862F4F-D023-4C9E-B2CD-F6DF282AB351"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:78:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A905D1F-F329-451E-92E1-E3AEA75000BF"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:79:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CBD61AB-AE3C-4B21-A369-F38ED20489F1"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:80:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06DC6EF5-1192-4186-B99B-9615BF74F7B8"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:81:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F16E0B1E-C7FA-48D3-ACE1-5CCC4C8E3319"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:82:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FD6A8D7-2FEE-43B6-A6C2-C18A13A0E870"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:83:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "181A9F89-9B45-4025-BB7F-42B0AF6CB534"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:84:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC38EDAA-BF0C-4BE3-9151-995A329B6653"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:85:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE16EEF5-2EC2-4D35-8D0A-778E5F647600"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:86:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7759293-210E-498E-BF9C-E11A748174CE"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs-utils:87:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A41D43F-E57C-41CB-A121-D1E3692900B8"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:58:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE9A6D32-8A3D-4A25-BF1E-2ED812539F00"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:59:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB9630D3-DE46-4C60-A9B0-57B8B9B3C857"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:60:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFE4E253-4CE1-4122-8FFA-974A466D309B"
          },
          {
            "criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:61:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74A6D874-CFFC-49C8-8BB0-DC5DA52E5A16"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References