MDKSA-2005:028
- Package name
- ncpfs
- Date
- 2005-02-01
- Advisory ID
- MDKSA-2005:028
- Affected versions
- CS2.1 x86_64 , 10.0 amd64 , 10.1 i586 , 10.0 i586 , CS3.0 x86_64 , CS3.0 i586 , CS2.1 i586 , 10.1 x86_64
Problem description
Erik Sjolund discovered two vulnerabilities in programs bundled with ncpfs. Due to a flaw in nwclient.c, utilities that use the NetWare client functions insecurely access files with elevated privileges (CAN-2005-0013), and there is a potentially exploitable buffer overflow in the ncplogin program (CAN-2005-0014). As well, an older vulnerability found by Karol Wiesek is corrected with these new versions of ncpfs. Karol found a buffer overflow in the handling of the '-T' option in the ncplogin and ncpmap utilities (CAN-2004-1079).
Updated packages
CS2.1 x86_64
8853eb122b8794c8a9a6e8f304deab7b x86_64/corporate/2.1/RPMS/ipxutils-2.2.6-0.1.C21mdk.x86_64.rpm 301cd5bb7f068467f4e35752c7f6dc0a x86_64/corporate/2.1/RPMS/ncpfs-2.2.6-0.1.C21mdk.x86_64.rpm 0f6237f2270b31c7e1bcb38b01ba5017 x86_64/corporate/2.1/SRPMS/ncpfs-2.2.6-0.1.C21mdk.src.rpm
10.0 amd64
9097da50d267751a64f5a9533f84f385 amd64/10.0/RPMS/ipxutils-2.2.6-0.1.100mdk.amd64.rpm acec5bc11c51a724002860e7e2c9b741 amd64/10.0/RPMS/lib64ncpfs2.3-2.2.6-0.1.100mdk.amd64.rpm dc21cc53b30d974ce146da962edde2b2 amd64/10.0/RPMS/lib64ncpfs2.3-devel-2.2.6-0.1.100mdk.amd64.rpm af24f5eca27924522f8c84ae0f39dc45 amd64/10.0/RPMS/ncpfs-2.2.6-0.1.100mdk.amd64.rpm d841a4aac6f48ef283dbe84f7385b2cb amd64/10.0/SRPMS/ncpfs-2.2.6-0.1.100mdk.src.rpm
10.1 i586
9a6f8acfb1290af92171a23696cc7398 10.1/RPMS/ipxutils-2.2.6-0.1.101mdk.i586.rpm ad4eba0c498de9884c1e7f3bb8f14452 10.1/RPMS/libncpfs2.3-2.2.6-0.1.101mdk.i586.rpm a7ad4a7f0ce4cb2723dc5d48d0ddcc21 10.1/RPMS/libncpfs2.3-devel-2.2.6-0.1.101mdk.i586.rpm d283bbbac0839f1866909efc4ffdb62d 10.1/RPMS/ncpfs-2.2.6-0.1.101mdk.i586.rpm 887f5d5c3f2d19f7c2cd64e74a80391e 10.1/SRPMS/ncpfs-2.2.6-0.1.101mdk.src.rpm
10.0 i586
26507b12e312d06ad7a0250fd29c2fc9 10.0/RPMS/ipxutils-2.2.6-0.1.100mdk.i586.rpm 31054e1560e02396af427feb8d0bb9e0 10.0/RPMS/libncpfs2.3-2.2.6-0.1.100mdk.i586.rpm ae8ea25eebe37782e4315da2ea4ac469 10.0/RPMS/libncpfs2.3-devel-2.2.6-0.1.100mdk.i586.rpm b3988245505c1bf1bf4f5da5c502f22a 10.0/RPMS/ncpfs-2.2.6-0.1.100mdk.i586.rpm d841a4aac6f48ef283dbe84f7385b2cb 10.0/SRPMS/ncpfs-2.2.6-0.1.100mdk.src.rpm
CS3.0 x86_64
5ef7e7e41733515a9cf2dcdbb7da2077 x86_64/corporate/3.0/RPMS/ipxutils-2.2.6-0.1.C30mdk.x86_64.rpm 5e43e4f0528b48d44fdcecd8daa41301 x86_64/corporate/3.0/RPMS/lib64ncpfs2.3-2.2.6-0.1.C30mdk.x86_64.rpm ab83b39e1df11230e86973816092f4ab x86_64/corporate/3.0/RPMS/lib64ncpfs2.3-devel-2.2.6-0.1.C30mdk.x86_64.rpm 2e29f744a8757ff7801c03b73ee8ace6 x86_64/corporate/3.0/RPMS/ncpfs-2.2.6-0.1.C30mdk.x86_64.rpm 3fe66a2f8e1fa32dea3cdf95557c6b41 x86_64/corporate/3.0/SRPMS/ncpfs-2.2.6-0.1.C30mdk.src.rpm
CS3.0 i586
a59c9cf6fa986df07406af63d204c01d corporate/3.0/RPMS/ipxutils-2.2.6-0.1.C30mdk.i586.rpm 4cca91d9bffdb6989edc498fa5545542 corporate/3.0/RPMS/libncpfs2.3-2.2.6-0.1.C30mdk.i586.rpm 01221b951c46c7c989c67edddaf988c2 corporate/3.0/RPMS/libncpfs2.3-devel-2.2.6-0.1.C30mdk.i586.rpm eb433fe9482cbb74634169330e51720c corporate/3.0/RPMS/ncpfs-2.2.6-0.1.C30mdk.i586.rpm 3fe66a2f8e1fa32dea3cdf95557c6b41 corporate/3.0/SRPMS/ncpfs-2.2.6-0.1.C30mdk.src.rpm
CS2.1 i586
8fe930fd368a97b4f20ae4bca84a9761 corporate/2.1/RPMS/ipxutils-2.2.6-0.1.C21mdk.i586.rpm fc4d61b54dd07f64aa613bdf7a4016a0 corporate/2.1/RPMS/ncpfs-2.2.6-0.1.C21mdk.i586.rpm 0f6237f2270b31c7e1bcb38b01ba5017 corporate/2.1/SRPMS/ncpfs-2.2.6-0.1.C21mdk.src.rpm
10.1 x86_64
3eeb4ea7fe45ec1f58d4ae5b523627fe x86_64/10.1/RPMS/ipxutils-2.2.6-0.1.101mdk.x86_64.rpm c3758043e2bd3ddc24f5c3e34be2cc93 x86_64/10.1/RPMS/lib64ncpfs2.3-2.2.6-0.1.101mdk.x86_64.rpm 11539d55f026d1ef9907e27ffd8d4cc2 x86_64/10.1/RPMS/lib64ncpfs2.3-devel-2.2.6-0.1.101mdk.x86_64.rpm a10864210cf07d875b770b3f34caa47d x86_64/10.1/RPMS/ncpfs-2.2.6-0.1.101mdk.x86_64.rpm 887f5d5c3f2d19f7c2cd64e74a80391e x86_64/10.1/SRPMS/ncpfs-2.2.6-0.1.101mdk.src.rpm