 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2007-4849 |
| Description: | JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly other Linux systems, when POSIX ACL support is enabled, does not properly store permissions during (1) inode creation or (2) ACL setting, which might allow local users to access restricted files or directories after a remount of a filesystem, related to "legacy modes" and an inconsistency between dentry permissions and inode permissions. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.58637 1.3.6.1.4.1.25623.1.0.58636 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2007-4849 BugTraq ID: 25838 http://www.securityfocus.com/bid/25838 Debian Security Information: DSA-1378 (Google Search) http://www.debian.org/security/2007/dsa-1378 http://lists.infradead.org/pipermail/linux-mtd-cvs/2007-August/005897.html http://secunia.com/advisories/26978 http://secunia.com/advisories/28170 http://secunia.com/advisories/28706 http://www.ubuntu.com/usn/usn-558-1 http://www.ubuntu.com/usn/usn-574-1 |