nwclient.c in ncpfs prior to 2.2.6 does not drop root privileges before executing utilities using the NetWare client functions, which allows local users to gain privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ncpfs ncpfs 2.2.2 |
||
ncpfs ncpfs 2.2.3 |
||
ncpfs ncpfs 2.2.1 |
||
ncpfs ncpfs 2.2.4 |
||
ncpfs ncpfs 2.2.5 |