Rapid7 Vulnerability & Exploit Database

RHSA-2009:1307: ecryptfs-utils security, bug fix, and enhancement update

Severity: 7
CVSS: (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published: 11/20/2008
Created: 07/25/2018
Added: 09/12/2009
Modified: 07/04/2017

Description

eCryptfs is a stacked, cryptographic file system. It is transparent to the underlying file system and provides per-file granularity.

eCryptfs is released as a Technology Preview for Red Hat Enterprise Linux 5.4. These updated ecryptfs-utils packages have been upgraded to upstream version 75, which provides a number of bug fixes and enhancements over the previous version. In addition, these packages provide a graphical program to help configure and use eCryptfs. To start this program, run the command: ecryptfs-mount-helper-gui

Important: the syntax of certain eCryptfs mount options has changed. Users who were previously using the initial Technology Preview release of ecryptfs-utils are advised to refer to the ecryptfs(7) man page, and to update any affected mount scripts and /etc/fstab entries for eCryptfs file systems.

A disclosure flaw was found in the way the "ecryptfs-setup-private" script passed passphrases to the "ecryptfs-wrap-passphrase" and "ecryptfs-add-passphrase" commands as command line arguments. A local user could obtain the passphrases of other users who were running the script from the process listing. (CVE-2008-5188)

These updated packages provide various enhancements, including a mount helper and supporting libraries to perform key management and mounting functions.

Notable enhancements include: yum install ecryptfs-utils-gui (BZ#500997)

These updated packages also fix the following bugs:

Users are advised to upgrade to these updated ecryptfs-utils packages, which resolve these issues and add these enhancements.
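The CVE-2008-5188 exposure class described above, shown as an added example that is not part of the advisory or of ecryptfs-utils: a secret passed as a command line argument appears in the process listing, while the same secret written to the program's standard input does not. It assumes Linux with /proc; "helper" and the sample passphrase are constructed stand-ins, not eCryptfs commands or values.

```shell
#!/bin/sh
# Added example (Linux with /proc). "helper" is a constructed stand-in for a
# program that needs a passphrase; it is not an eCryptfs command.

# Print the argument vector of PID as the process listing shows it.
visible_args() {
    tr '\0' ' ' < "/proc/$1/cmdline"
}

# Return 0 if SECRET ($2) is visible in the argument vector of PID ($1).
# A shell pattern match is used so the secret never lands in another argv.
exposed_in_listing() {
    case "$(visible_args "$1")" in
        *"$2"*) return 0 ;;
        *)      return 1 ;;
    esac
}

# Flawed pattern: the passphrase is a command line argument of the helper.
argv_exposes() {
    sh -c 'sleep 3; :' helper "$1" >/dev/null 2>&1 &
    pid=$!
    sleep 1                        # let the child exec before inspecting it
    rc=0
    exposed_in_listing "$pid" "$1" || rc=$?
    kill "$pid" 2>/dev/null || true
    return "$rc"
}

# Corrected pattern: the passphrase is written to the helper's stdin.
# printf must be the shell builtin; an external printf binary would itself
# receive the secret as an argument.
stdin_exposes() {
    printf '%s\n' "$1" | sh -c 'read -r pass; sleep 3; :' helper >/dev/null 2>&1 &
    pid=$!
    sleep 1
    rc=0
    exposed_in_listing "$pid" "$1" || rc=$?
    kill "$pid" 2>/dev/null || true
    return "$rc"
}

sample='constructed-passphrase-0001'    # constructed sample value
if argv_exposes "$sample"; then echo "argv: visible in process listing"; else echo "argv: not visible"; fi
if stdin_exposes "$sample"; then echo "stdin: visible in process listing"; else echo "stdin: not visible"; fi
```

The same check can be pointed at any wrapper script that handles passphrases, to confirm that no child process it starts carries the secret in its argument vector.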

Solution(s)

  • redhat-upgrade-ecryptfs-utils
  • redhat-upgrade-ecryptfs-utils-devel
  • redhat-upgrade-ecryptfs-utils-gui
