Test ID:	1.3.6.1.4.1.25623.1.1.10.2018.0314
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2018-0314)
Summary:	The remote host is missing an update for the 'cantata' package(s) announced via the MGASA-2018-0314 advisory.
Description:	Summary: The remote host is missing an update for the 'cantata' package(s) announced via the MGASA-2018-0314 advisory. Vulnerability Insight: The mount target path check in mounter.cpp 'mpOk()' is insufficient. A regular user can this way mount a CIFS filesystem anywhere, and not just beneath /home by passing relative path components (CVE-2018-12559). Arbitrary unmounts can be performed by regular users the same way (CVE-2018-12560). A regular user can inject additional mount options like file_mode= by manipulating e.g. the domain parameter of the samba URL (CVE-2018-12561). The wrapper script 'mount.cifs.wrapper' uses the shell to forward the arguments to the actual mount.cifs binary. The shell evaluates wildcards which can also be injected (CVE-2018-12562). To fix these issues, the vulnerable D-Bus service has been removed. Affected Software/OS: 'cantata' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-12559 http://www.openwall.com/lists/oss-security/2018/06/18/1 https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3 Common Vulnerability Exposure (CVE) ID: CVE-2018-12560 Common Vulnerability Exposure (CVE) ID: CVE-2018-12561 Common Vulnerability Exposure (CVE) ID: CVE-2018-12562
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.