Id:
CVE-2014-1421
Comment
:
mountall 1.54, as used in Ubuntu 14.10, does not properly handle the umask when using the mount utility, which allows local users to bypass intended access restrictions via unspecified vectors.
CVSSv2 Score:
7.2
Access vector:
|
LOCAL
|
Access complexity:
|
LOW
|
Authentication:
|
NONE
|
Confidentiality impact:
|
COMPLETE
|
Integrity impact:
|
COMPLETE
|
Availability impact:
|
COMPLETE
|
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
References: