blob: ea8cb262a7b2ccfaaf78054a718cd5b962d936d6 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200412-09">
<title>ncpfs: Buffer overflow in ncplogin and ncpmap</title>
ncpfs is vulnerable to a buffer overflow that could lead to local execution
of arbitrary code with elevated privileges.
<product type="ebuild">ncpfs</product>
<announced>December 15, 2004</announced>
<revised>December 15, 2004: 01</revised>
<package name="net-fs/ncpfs" auto="yes" arch="*">
<unaffected range="ge">2.2.5</unaffected>
<vulnerable range="lt">2.2.5</vulnerable>
ncpfs is a NCP protocol network filesystem that allows access to
Netware services, for example to mount volumes of NetWare servers or
print to NetWare print queues.
Karol Wiesek discovered a buffer overflow in the handling of the
'-T' option in the ncplogin and ncpmap utilities, which are both
installed as SUID root by default.
<impact type="high">
A local attacker could trigger the buffer overflow by calling one
of these utilities with a carefully crafted command line, potentially
resulting in execution of arbitrary code with root privileges.
There is no known workaround at this time.
All ncpfs users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=net-fs/ncpfs-2.2.5&quot;</code>
<uri link="">Full Disclosure Advisory</uri>
<uri link="">CAN-2004-1079</uri>
<metadata tag="requester" timestamp="Thu, 9 Dec 2004 07:35:34 +0000">
<metadata tag="submitter" timestamp="Tue, 14 Dec 2004 14:41:20 +0000">
<metadata tag="bugReady" timestamp="Tue, 14 Dec 2004 16:10:38 +0000">