Ncpfs
by Ncpfs
CVEs (8)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2010-0788 | 0.03 | — | 0.00 | Mar 2, 2010 | ncpfs 2.2.6 allows local users to cause a denial of service, obtain sensitive information, or possibly gain privileges via symlink attacks involving the (1) ncpmount and (2) ncpumount programs. | ||
| CVE-2011-1680 | 0.00 | — | 0.00 | Apr 10, 2011 | ncpmount in ncpfs 2.2.6 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors. | ||
| CVE-2011-1679 | 0.00 | — | 0.00 | Apr 10, 2011 | ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the /etc/mtab file and (2) ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. | ||
| CVE-2010-0791 | 0.00 | — | 0.00 | Mar 10, 2010 | The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service (application failure) via unspecified vectors that trigger the creation of a /etc/mtab~ file that persists after the program exits. | ||
| CVE-2010-0790 | 0.00 | — | 0.00 | Mar 10, 2010 | sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary files via the mountpoint name. | ||
| CVE-2005-0013 | 0.00 | — | 0.00 | May 2, 2005 | nwclient.c in ncpfs before 2.2.6 does not drop root privileges before executing utilities using the NetWare client functions, which allows local users to gain privileges. | ||
| CVE-2005-0014 | 0.00 | — | 0.02 | May 2, 2005 | Buffer overflow in ncplogin in ncpfs before 2.2.6 allows remote malicious NetWare servers to execute arbitrary code on the NetWare client. | ||
| CVE-2004-1079 | 0.00 | — | 0.00 | Jan 10, 2005 | Buffer overflow in (1) ncplogin and (2) ncpmap in nwclient.c for ncpfs 2.2.4, and possibly other versions, may allow local users to gain privileges via a long -T option. |
- CVE-2010-0788Mar 2, 2010risk 0.03cvss —epss 0.00
ncpfs 2.2.6 allows local users to cause a denial of service, obtain sensitive information, or possibly gain privileges via symlink attacks involving the (1) ncpmount and (2) ncpumount programs.
- CVE-2011-1680Apr 10, 2011risk 0.00cvss —epss 0.00
ncpmount in ncpfs 2.2.6 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors.
- CVE-2011-1679Apr 10, 2011risk 0.00cvss —epss 0.00
ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the /etc/mtab file and (2) ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.
- CVE-2010-0791Mar 10, 2010risk 0.00cvss —epss 0.00
The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service (application failure) via unspecified vectors that trigger the creation of a /etc/mtab~ file that persists after the program exits.
- CVE-2010-0790Mar 10, 2010risk 0.00cvss —epss 0.00
sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary files via the mountpoint name.
- CVE-2005-0013May 2, 2005risk 0.00cvss —epss 0.00
nwclient.c in ncpfs before 2.2.6 does not drop root privileges before executing utilities using the NetWare client functions, which allows local users to gain privileges.
- CVE-2005-0014May 2, 2005risk 0.00cvss —epss 0.02
Buffer overflow in ncplogin in ncpfs before 2.2.6 allows remote malicious NetWare servers to execute arbitrary code on the NetWare client.
- CVE-2004-1079Jan 10, 2005risk 0.00cvss —epss 0.00
Buffer overflow in (1) ncplogin and (2) ncpmap in nwclient.c for ncpfs 2.2.4, and possibly other versions, may allow local users to gain privileges via a long -T option.