| Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them. |
|
 |
|
|
|
vulnerability announce CVE-2010-0790 CVE-2010-0791
ncpfs: two vulnerabilities
Synthesis of the vulnerability
| A local attacker can use two vulnerabilities of ncpfs, in order to obtain information or to create a denial of service. |
Severity: 1/4.
Creation date: 08/03/2010.
|
Description of the vulnerability
The ncpmount and ncpumount utilities are used to mount a remote NCP (NetWare Core Protocol) share in a local directory. Two vulnerabilities were announced in ncpfs.
An attacker can use ncpumount, in order to detect if a file located in a restricted directory exists. [severity:1/4; CVE-2010-0790, >]
An attacker can set a lock on "/etc/mtab~", so users cannot mount other filesystems. [severity:1/4; CVE-2010-0791, >] |
Complete Vigil@nce bulletin
Characteristics
Title: ncpfs: two vulnerabilities.
Keywords: Core NCP NetWare Protocol ncpfs vulnerabilities.
Identifiers: CVE-2010-0790, CVE-2010-0791, MDVSA-2010:061, SUSE-SR:2010:012, SUSE-SR:2010:013, VIGILANCE-VUL-9502.
|
Information sources
Solutions for this vulnerability
Supplements
Vulnerability : CVE-2010-0790
An attacker can use ncpumount, in order to detect if a file located in a restricted directory exists.
Severity: 1/4.
Identifiers: CVE-2010-0790.
|
|
Vulnerability : CVE-2010-0791
An attacker can set a lock on "/etc/mtab~", so users cannot mount other filesystems.
Severity: 1/4.
Identifiers: CVE-2010-0791.
|
|
Computer vulnerabilities tracking service
The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer vulnerability database
|
