Home > Vulnerability Database > CVE-2010-2961

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2010-2961

Date: October 3, 2022

mountall.c in mountall before 2.15.2 uses 0666 permissions for the root.rules file, which allows local users to gain privileges by modifying this file.

Severity Score

7.4

Related Resources (8)

Url: http://secunia.com/advisories/41351

Url: http://www.vupen.com/english/advisories/2010/2342

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2010-2961

Url: https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/591807

Url: https://nvd.nist.gov/vuln/detail/CVE-2010-2961

Url: http://www.osvdb.org/67914

Url: http://www.ubuntu.com/usn/USN-985-1

Url: https://www.mend.io/vulnerability-database/CVE-2010-2961

Severity Score

7.4

Weakness Type (CWE)

Race Conditions

CWE-362

CVSS v3.1

Base Score:	7.4
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	6.9
Access Vector (AV):	LOCAL
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Do you need more information?

Contact Us