CVE-2011-1679

ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the /etc/mtab file and (2) ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.
References
Link Resource
http://openwall.com/lists/oss-security/2011/03/04/10 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/04/11 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/04/12 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/04/9 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/05/3 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/05/7 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/07/9 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/14/16 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/14/5 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/14/7 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/15/6 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/22/4 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/22/6 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/31/3 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/31/4 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/04/01/2 Mailing List Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=688980 Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/66701
http://openwall.com/lists/oss-security/2011/03/04/10 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/04/11 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/04/12 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/04/9 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/05/3 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/05/7 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/07/9 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/14/16 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/14/5 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/14/7 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/15/6 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/22/4 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/22/6 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/31/3 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/31/4 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/04/01/2 Mailing List Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=688980 Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/66701
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ncpfs:ncpfs:*:*:*:*:*:*:*:*
cpe:2.3:a:ncpfs:ncpfs:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ncpfs:ncpfs:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ncpfs:ncpfs:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ncpfs:ncpfs:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ncpfs:ncpfs:2.2.5:*:*:*:*:*:*:*

History

21 Nov 2024, 01:26

Type Values Removed Values Added
References () http://openwall.com/lists/oss-security/2011/03/04/10 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/03/04/10 - Mailing List, Third Party Advisory
References () http://openwall.com/lists/oss-security/2011/03/04/11 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/03/04/11 - Mailing List, Third Party Advisory
References () http://openwall.com/lists/oss-security/2011/03/04/12 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/03/04/12 - Mailing List, Third Party Advisory
References () http://openwall.com/lists/oss-security/2011/03/04/9 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/03/04/9 - Mailing List, Third Party Advisory
References () http://openwall.com/lists/oss-security/2011/03/05/3 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/03/05/3 - Mailing List, Third Party Advisory
References () http://openwall.com/lists/oss-security/2011/03/05/7 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/03/05/7 - Mailing List, Third Party Advisory
References () http://openwall.com/lists/oss-security/2011/03/07/9 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/03/07/9 - Mailing List, Third Party Advisory
References () http://openwall.com/lists/oss-security/2011/03/14/16 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/03/14/16 - Mailing List, Third Party Advisory
References () http://openwall.com/lists/oss-security/2011/03/14/5 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/03/14/5 - Mailing List, Third Party Advisory
References () http://openwall.com/lists/oss-security/2011/03/14/7 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/03/14/7 - Mailing List, Third Party Advisory
References () http://openwall.com/lists/oss-security/2011/03/15/6 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/03/15/6 - Mailing List, Third Party Advisory
References () http://openwall.com/lists/oss-security/2011/03/22/4 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/03/22/4 - Mailing List, Third Party Advisory
References () http://openwall.com/lists/oss-security/2011/03/22/6 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/03/22/6 - Mailing List, Third Party Advisory
References () http://openwall.com/lists/oss-security/2011/03/31/3 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/03/31/3 - Mailing List, Third Party Advisory
References () http://openwall.com/lists/oss-security/2011/03/31/4 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/03/31/4 - Mailing List, Third Party Advisory
References () http://openwall.com/lists/oss-security/2011/04/01/2 - Mailing List, Third Party Advisory () http://openwall.com/lists/oss-security/2011/04/01/2 - Mailing List, Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=688980 - Issue Tracking () https://bugzilla.redhat.com/show_bug.cgi?id=688980 - Issue Tracking
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/66701 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/66701 -

Information

Published : 2011-04-10 02:55

Updated : 2024-11-21 01:26


NVD link : CVE-2011-1679

Mitre link : CVE-2011-1679

CVE.ORG link : CVE-2011-1679


JSON object : View

Products Affected

ncpfs

  • ncpfs
CWE
CWE-20

Improper Input Validation