Bug 22835

Summary: CVE-2009-3297: ncpmount/ncpumount privilege escalation
Product: Sisyphus Reporter: Dmitry V. Levin <ldv>
Component: ncpfsAssignee: Nobody's working on this, feel free to take it <nobody>
Status: CLOSED FIXED QA Contact: qa-sisyphus
Severity: blocker    
Priority: P3 CC: php-coder
Version: unstableKeywords: security
Hardware: all   
OS: Linux   
URL: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3297

Description Dmitry V. Levin 2010-01-27 00:45:31 MSK 
Daniel Rosenberg found race conditions in the ncpfs ncpmount and ncpumount utilities.  Local, unprivileged user could use these flaws to conduct symlink attacks, leading to denial of service (ncpumount), disclosure of sensitive information, or, possibly to privilege escalation (ncpmount).
Comment 1 Slava Semushin 2011-03-09 07:59:07 MSK 
* Wed Mar 09 2011 Dmitry V. Levin <ldv@altlinux> 2.2.6-alt9
- Imported fix of race conditions in ncpmount/ncpumount operations
 from Fedora (fixes CVE-2009-3297).