Search for vulnerabilities
Vulnerability details: VCID-cgxz-hv3k-aaae
Vulnerability ID VCID-cgxz-hv3k-aaae
Aliases CVE-2005-2876
Summary umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just the read-only flag, which effectively clears the nosuid, nodev, and other flags.
Status Published
Exploitability 0.5
Weighted Severity 6.5
Risk 3.2
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2005:782
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
epss 0.00091 https://api.first.org/data/v1/epss?cve=CVE-2005-2876
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1617764
cvssv2 7.2 https://nvd.nist.gov/vuln/detail/CVE-2005-2876
Reference id Reference type URL
http://marc.info/?l=bugtraq&m=112656096125857&w=2
http://marc.info/?l=bugtraq&m=112690609622266&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2876.json
https://api.first.org/data/v1/epss?cve=CVE-2005-2876
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2876
http://secunia.com/advisories/16785
http://secunia.com/advisories/16988
http://secunia.com/advisories/17004
http://secunia.com/advisories/17027
http://secunia.com/advisories/17133
http://secunia.com/advisories/17154
http://secunia.com/advisories/18502
https://exchange.xforce.ibmcloud.com/vulnerabilities/22241
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10921
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101960-1
http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm
http://www.debian.org/security/2005/dsa-823
http://www.debian.org/security/2005/dsa-825
http://www.novell.com/linux/security/advisories/2005_21_sr.html
http://www.osvdb.org/19369
http://www.securityfocus.com/archive/1/419774/100/0/threaded
http://www.securityfocus.com/bid/14816
http://www.ubuntu.com/usn/usn-184-1
1617764 https://bugzilla.redhat.com/show_bug.cgi?id=1617764
328141 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=328141
cpe:2.3:a:andries_brouwer:util-linux:2.10f:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.10f:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.10m:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.10m:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.10p:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.10p:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.11f:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.11f:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.11n:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.11n:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.11q:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.11q:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.11r:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.11r:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.11w:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.11w:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.11x:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.11x:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.11y:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.11y:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.11z:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.11z:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.12a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.12a:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.12b:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.12b:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.12i:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.12i:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.12j:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.12j:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.12k:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.12k:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.12o:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.12o:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.12p:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.12p:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.12q:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.12q:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.13_pre1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.13_pre1:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.13_pre2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.13_pre2:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.8_12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.8_12:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.8.1_alpha:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.8.1_alpha:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.9i:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.9i:*:*:*:*:*:*:*
cpe:2.3:a:andries_brouwer:util-linux:2.9w:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:andries_brouwer:util-linux:2.9w:*:*:*:*:*:*:*
CVE-2005-2876 https://nvd.nist.gov/vuln/detail/CVE-2005-2876
RHSA-2005:782 https://access.redhat.com/errata/RHSA-2005:782
USN-184-1 https://usn.ubuntu.com/184-1/
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2005-2876
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.11813
EPSS Score 0.00048
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.