- Nom du paquet
- Advisory ID
- Affected versions
- MBS1 x86_64
Multiple vulnerabilities has been discovered and corrected in ncpfs:
ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to
the /etc/mtab file and (2) ncpumount to append to the /etc/mtab.tmp
file without first checking whether resource limits would interfere,
which allows local users to trigger corruption of the /etc/mtab file
via a process with a small RLIMIT_FSIZE value, a related issue to
ncpmount in ncpfs 2.2.6 and earlier does not remove the /etc/mtab~
lock file after a failed attempt to add a mount entry, which has
unspecified impact and local attack vectors (CVE-2011-1680).
The updated packages have been patched to correct these issues.
c2a727406433af38bc350b28b943ffd5 mbs1/x86_64/ipxutils-2.2.6-11.1.mbs1.x86_64.rpm 9e6cfac7329f76a0216b19939d9811de mbs1/x86_64/lib64ncpfs2.3-2.2.6-11.1.mbs1.x86_64.rpm 5ad7576e7f77873503f643e14b296cda mbs1/x86_64/lib64ncpfs-devel-2.2.6-11.1.mbs1.x86_64.rpm b6532c99f5c8194fc477fc39c29708ac mbs1/x86_64/ncpfs-2.2.6-11.1.mbs1.x86_64.rpm abc71b5ed182e28ac708e196cb50540a mbs1/SRPMS/ncpfs-2.2.6-11.1.mbs1.src.rpm