ncpfs: Buffer overflow in ncplogin and ncpmap
Gentoo Linux Security Advisory
||GLSA 200412-09 / ncpfs
||December 15, 2004
||December 15, 2004: 01
All supported architectures
ncpfs is vulnerable to a buffer overflow that could lead to local execution
of arbitrary code with elevated privileges.
ncpfs is a NCP protocol network filesystem that allows access to
Netware services, for example to mount volumes of NetWare servers or
print to NetWare print queues.
Karol Wiesek discovered a buffer overflow in the handling of the
'-T' option in the ncplogin and ncpmap utilities, which are both
installed as SUID root by default.
A local attacker could trigger the buffer overflow by calling one
of these utilities with a carefully crafted command line, potentially
resulting in execution of arbitrary code with root privileges.
There is no known workaround at this time.
All ncpfs users should upgrade to the latest version:
Code Listing 3.1: Resolution
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-fs/ncpfs-2.2.5"