ncpfs 2.2.6 and previous versions attempts to use (1) ncpmount to append to the /etc/mtab file and (2) ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ncpfs ncpfs |
||
ncpfs ncpfs 2.2.2 |
||
ncpfs ncpfs 2.2.3 |
||
ncpfs ncpfs 2.2.4 |
||
ncpfs ncpfs 2.2.5 |
||
ncpfs ncpfs 2.2.1 |