[原文]mntd_mount.c in mntd before 0.4.2 might allow local users to gain privileges via shell metacharacters in a remount option in the configuration file. NOTE: It is not clear whether this is a vulnerability because there is not necessarily any common usage in which privilege boundaries are crossed. Typical usage would restrict write access to the configuration file.
mntd contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is due to improper filtering of the "remount" option read from the configuration file. By modifying the configuration file to include specially crafted commands, a local attacker can execute arbitrary commands with mntd process privileges, once the configuration file is processed.
Upgrade to version 0.4.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.