Test ID:	1.3.6.1.4.1.25623.1.0.831606
Category:	Mandrake Local Security Checks
Title:	Mandriva Update for ncpfs MDVSA-2012:084 (ncpfs)
Summary:	The remote host is missing an update for the 'ncpfs'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'ncpfs' package(s) announced via the referenced advisory. Vulnerability Insight: Multiple vulnerabilities has been discovered and corrected in ncpfs: ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the /etc/mtab file and (2) ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089 (CVE-2011-1679). ncpmount in ncpfs 2.2.6 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors (CVE-2011-1680). The updated packages have been patched to correct this issue. Affected Software/OS: ncpfs on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2, Mandriva Linux 2010.1 Solution: Please Install the Updated Packages. CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1089 46740 http://www.securityfocus.com/bid/46740 MDVSA-2011:178 http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 MDVSA-2011:179 http://www.mandriva.com/security/advisories?name=MDVSA-2011:179 RHSA-2011:1526 http://www.redhat.com/support/errata/RHSA-2011-1526.html [oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/04/11 [oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/04/9 [oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/04/10 http://openwall.com/lists/oss-security/2011/03/04/12 [oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/05/3 http://openwall.com/lists/oss-security/2011/03/05/7 [oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/07/9 [oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/14/16 http://openwall.com/lists/oss-security/2011/03/14/5 http://openwall.com/lists/oss-security/2011/03/14/7 [oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/15/6 [oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/22/4 http://openwall.com/lists/oss-security/2011/03/22/6 [oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/31/3 http://openwall.com/lists/oss-security/2011/03/31/4 [oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/04/01/2 http://sourceware.org/bugzilla/show_bug.cgi?id=12625 https://bugzilla.redhat.com/show_bug.cgi?id=688980 Common Vulnerability Exposure (CVE) ID: CVE-2011-1679 XForce ISS Database: ncpfs-mtab-security-bypass(66701) https://exchange.xforce.ibmcloud.com/vulnerabilities/66701 Common Vulnerability Exposure (CVE) ID: CVE-2011-1680 XForce ISS Database: ncpfs-mtab-unspecified(66700) https://exchange.xforce.ibmcloud.com/vulnerabilities/66700
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.