MDVSA-2010:061 -- Mandriva ncpfsID: oval:org.secpod.oval:def:300174 | Date: (C)2012-01-07 (M)2021-09-11 |
Class: PATCH | Family: unix |
Multiple vulnerabilities has been found and corrected in ncpfs: sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary files via the mountpoint name . The ncpmount, ncpumount, and ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service via unspecified vectors that trigger the creation of a /etc/mtab~ file that persists after the program exits . Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.
Platform: |
Mandriva Linux 2010.0 |
Mandriva Linux 2009.0 |
Mandriva Linux 2009.1 |
Mandriva Linux 2008.0 |