Paketname
ncpfs
Datum
2005-02-01
Advisory ID
MDKSA-2005:028
Betroffene Versionen
CS2.1 x86_64 , 10.0 amd64 , 10.1 i586 , 10.0 i586 , CS3.0 x86_64 , CS3.0 i586 , CS2.1 i586 , 10.1 x86_64

Problembeschreibung

Erik Sjolund discovered two vulnerabilities in programs bundled with ncpfs. Due to a flaw in nwclient.c, utilities that use the NetWare client functions insecurely access files with elevated privileges (CAN-2005-0013), and there is a potentially exploitable buffer overflow in the ncplogin program (CAN-2005-0014). As well, an older vulnerability found by Karol Wiesek is corrected with these new versions of ncpfs. Karol found a buffer overflow in the handling of the '-T' option in the ncplogin and ncpmap utilities (CAN-2004-1079).

Aktualisierte Pakete

CS2.1 x86_64

 8853eb122b8794c8a9a6e8f304deab7b  x86_64/corporate/2.1/RPMS/ipxutils-2.2.6-0.1.C21mdk.x86_64.rpm
301cd5bb7f068467f4e35752c7f6dc0a  x86_64/corporate/2.1/RPMS/ncpfs-2.2.6-0.1.C21mdk.x86_64.rpm
0f6237f2270b31c7e1bcb38b01ba5017  x86_64/corporate/2.1/SRPMS/ncpfs-2.2.6-0.1.C21mdk.src.rpm

10.0 amd64

 9097da50d267751a64f5a9533f84f385  amd64/10.0/RPMS/ipxutils-2.2.6-0.1.100mdk.amd64.rpm
acec5bc11c51a724002860e7e2c9b741  amd64/10.0/RPMS/lib64ncpfs2.3-2.2.6-0.1.100mdk.amd64.rpm
dc21cc53b30d974ce146da962edde2b2  amd64/10.0/RPMS/lib64ncpfs2.3-devel-2.2.6-0.1.100mdk.amd64.rpm
af24f5eca27924522f8c84ae0f39dc45  amd64/10.0/RPMS/ncpfs-2.2.6-0.1.100mdk.amd64.rpm
d841a4aac6f48ef283dbe84f7385b2cb  amd64/10.0/SRPMS/ncpfs-2.2.6-0.1.100mdk.src.rpm

10.1 i586

 9a6f8acfb1290af92171a23696cc7398  10.1/RPMS/ipxutils-2.2.6-0.1.101mdk.i586.rpm
ad4eba0c498de9884c1e7f3bb8f14452  10.1/RPMS/libncpfs2.3-2.2.6-0.1.101mdk.i586.rpm
a7ad4a7f0ce4cb2723dc5d48d0ddcc21  10.1/RPMS/libncpfs2.3-devel-2.2.6-0.1.101mdk.i586.rpm
d283bbbac0839f1866909efc4ffdb62d  10.1/RPMS/ncpfs-2.2.6-0.1.101mdk.i586.rpm
887f5d5c3f2d19f7c2cd64e74a80391e  10.1/SRPMS/ncpfs-2.2.6-0.1.101mdk.src.rpm

10.0 i586

 26507b12e312d06ad7a0250fd29c2fc9  10.0/RPMS/ipxutils-2.2.6-0.1.100mdk.i586.rpm
31054e1560e02396af427feb8d0bb9e0  10.0/RPMS/libncpfs2.3-2.2.6-0.1.100mdk.i586.rpm
ae8ea25eebe37782e4315da2ea4ac469  10.0/RPMS/libncpfs2.3-devel-2.2.6-0.1.100mdk.i586.rpm
b3988245505c1bf1bf4f5da5c502f22a  10.0/RPMS/ncpfs-2.2.6-0.1.100mdk.i586.rpm
d841a4aac6f48ef283dbe84f7385b2cb  10.0/SRPMS/ncpfs-2.2.6-0.1.100mdk.src.rpm

CS3.0 x86_64

 5ef7e7e41733515a9cf2dcdbb7da2077  x86_64/corporate/3.0/RPMS/ipxutils-2.2.6-0.1.C30mdk.x86_64.rpm
5e43e4f0528b48d44fdcecd8daa41301  x86_64/corporate/3.0/RPMS/lib64ncpfs2.3-2.2.6-0.1.C30mdk.x86_64.rpm
ab83b39e1df11230e86973816092f4ab  x86_64/corporate/3.0/RPMS/lib64ncpfs2.3-devel-2.2.6-0.1.C30mdk.x86_64.rpm
2e29f744a8757ff7801c03b73ee8ace6  x86_64/corporate/3.0/RPMS/ncpfs-2.2.6-0.1.C30mdk.x86_64.rpm
3fe66a2f8e1fa32dea3cdf95557c6b41  x86_64/corporate/3.0/SRPMS/ncpfs-2.2.6-0.1.C30mdk.src.rpm

CS3.0 i586

 a59c9cf6fa986df07406af63d204c01d  corporate/3.0/RPMS/ipxutils-2.2.6-0.1.C30mdk.i586.rpm
4cca91d9bffdb6989edc498fa5545542  corporate/3.0/RPMS/libncpfs2.3-2.2.6-0.1.C30mdk.i586.rpm
01221b951c46c7c989c67edddaf988c2  corporate/3.0/RPMS/libncpfs2.3-devel-2.2.6-0.1.C30mdk.i586.rpm
eb433fe9482cbb74634169330e51720c  corporate/3.0/RPMS/ncpfs-2.2.6-0.1.C30mdk.i586.rpm
3fe66a2f8e1fa32dea3cdf95557c6b41  corporate/3.0/SRPMS/ncpfs-2.2.6-0.1.C30mdk.src.rpm

CS2.1 i586

 8fe930fd368a97b4f20ae4bca84a9761  corporate/2.1/RPMS/ipxutils-2.2.6-0.1.C21mdk.i586.rpm
fc4d61b54dd07f64aa613bdf7a4016a0  corporate/2.1/RPMS/ncpfs-2.2.6-0.1.C21mdk.i586.rpm
0f6237f2270b31c7e1bcb38b01ba5017  corporate/2.1/SRPMS/ncpfs-2.2.6-0.1.C21mdk.src.rpm

10.1 x86_64

 3eeb4ea7fe45ec1f58d4ae5b523627fe  x86_64/10.1/RPMS/ipxutils-2.2.6-0.1.101mdk.x86_64.rpm
c3758043e2bd3ddc24f5c3e34be2cc93  x86_64/10.1/RPMS/lib64ncpfs2.3-2.2.6-0.1.101mdk.x86_64.rpm
11539d55f026d1ef9907e27ffd8d4cc2  x86_64/10.1/RPMS/lib64ncpfs2.3-devel-2.2.6-0.1.101mdk.x86_64.rpm
a10864210cf07d875b770b3f34caa47d  x86_64/10.1/RPMS/ncpfs-2.2.6-0.1.101mdk.x86_64.rpm
887f5d5c3f2d19f7c2cd64e74a80391e  x86_64/10.1/SRPMS/ncpfs-2.2.6-0.1.101mdk.src.rpm

Referenzen