Gentoo Logo

ncpfs: Buffer overflow in ncplogin and ncpmap


1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200412-09 / ncpfs
Release Date December 15, 2004
Latest Revision December 15, 2004: 01
Impact high
Exploitable local
Package Vulnerable versions Unaffected versions Architecture(s)
net-fs/ncpfs < 2.2.5 >= 2.2.5 All supported architectures

Related bugreports: #72820


ncpfs is vulnerable to a buffer overflow that could lead to local execution of arbitrary code with elevated privileges.

2.  Impact Information


ncpfs is a NCP protocol network filesystem that allows access to Netware services, for example to mount volumes of NetWare servers or print to NetWare print queues.


Karol Wiesek discovered a buffer overflow in the handling of the '-T' option in the ncplogin and ncpmap utilities, which are both installed as SUID root by default.


A local attacker could trigger the buffer overflow by calling one of these utilities with a carefully crafted command line, potentially resulting in execution of arbitrary code with root privileges.

3.  Resolution Information


There is no known workaround at this time.


All ncpfs users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-fs/ncpfs-2.2.5"

4.  References


Page updated December 15, 2004

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Copyright 2001-2015 Gentoo Foundation, Inc. Questions, Comments? Contact us.