CVE-2011-1679 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1679): ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the /etc/mtab file and (2) ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.
Mageia people tried to fix this: https://bugs.mageia.org/show_bug.cgi?id=6153#c4 but they have problems to test if it still works ok after patching
(In reply to Pacho Ramos from comment #1) > Mageia people tried to fix this: > https://bugs.mageia.org/show_bug.cgi?id=6153#c4 > > but they have problems to test if it still works ok after patching I actually have NetWare installs (3.12, 4.2, and 6.5) in VMs. I've also dabbled w/ mounting NCP shares on my main Linux box, so I'm already setup to do some partial testing. I'll see if I take a look at this next weekend or so to see if the Mageia fix still works to mount NCP shares correctly.
Fixed in ncpfs-2.2.6-r3. Security team, all yours now.
Patch cve-2011-1679-1680.patch is useless, because drop-mtab-support.patch from Debian (you rebased it due to the changes made by cve-... patch :) ) completely removes /etc/mtab support.
(In reply to Alexander Tsoy from comment #4) > Patch cve-2011-1679-1680.patch is useless, because drop-mtab-support.patch > from Debian (you rebased it due to the changes made by cve-... patch :) ) > completely removes /etc/mtab support. Ah, well, Mageia didn't really document what that patch was doing in the first place. Let me fix it...
Now it should be fixed. Thanks for catching that :)
