Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 308071 (CVE-2010-0788) - net-fs/ncpfs: multiple vulnerabilities (CVE-2010-{0788,0790,0791})
Summary: net-fs/ncpfs: multiple vulnerabilities (CVE-2010-{0788,0790,0791})
Status: RESOLVED FIXED
Alias: CVE-2010-0788
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High trivial (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: ~4 [ebuild]
Keywords:
Depends on:
Blocks:
 
Reported: 2010-03-06 15:59 UTC by Stefan Behte (RETIRED)
Modified: 2011-02-10 09:31 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2010-03-06 15:59:15 UTC 
CVE-2010-0788 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0788):
  ncpfs 2.2.6 allows local users to cause a denial of service, obtain
  sensitive information, or possibly gain privileges via symlink
  attacks involving the (1) ncpmount and (2) ncpumount programs.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2010-04-06 03:49:50 UTC 
Let's combine these two minor issues here.
Comment 2 Stefan Behte (RETIRED) gentoo-dev Security 2010-04-06 04:04:29 UTC 
CVE-2010-0790 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0790):
  sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain
  detailed error messages about the results of privileged file-access
  attempts, which allows local users to determine the existence of
  arbitrary files via the mountpoint name.

CVE-2010-0791 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0791):
  The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs
  2.2.6 do not properly create lock files, which allows local users to
  cause a denial of service (application failure) via unspecified
  vectors that trigger the creation of a /etc/mtab~ file that persists
  after the program exits.
Comment 3 Stefan Behte (RETIRED) gentoo-dev Security 2010-04-11 14:01:58 UTC 
CVE-2010-0790 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0790):
  sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain
  detailed error messages about the results of privileged file-access
  attempts, which allows local users to determine the existence of
  arbitrary files via the mountpoint name.

CVE-2010-0791 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0791):
  The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs
  2.2.6 do not properly create lock files, which allows local users to
  cause a denial of service (application failure) via unspecified
  vectors that trigger the creation of a /etc/mtab~ file that persists
  after the program exits.
Comment 4 Joshua Kinard gentoo-dev 2011-02-10 09:31:21 UTC 
Fixed in ncpfs-2.2.6-r2.  Thanks!