Bugzilla – Attachment 26776 Details for
Bug 63702
VUL-0: CVE-2004-1079: ncpfs: buffer overflow
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
IDP Log In
|
Forgot Password
patchinfo-box.ncpfs
patchinfo-box.ncpfs (text/plain), 820 bytes, created by
Thomas Biege
on 2004-12-06 20:44:16 UTC
(
hide
)
Description:
patchinfo-box.ncpfs
Filename:
MIME Type:
Creator:
Thomas Biege
Created:
2004-12-06 20:44:16 UTC
Size:
820 bytes
patch
obsolete
>DISTRIBUTION: 8.1-i386,8.2-i386,9.0-i386,9.0-x86_64,9.1-i386,9.1-x86_64,9.2-i386,9.2-x86_64 >PACKAGE: ncpfs,ncpfs-devel >PACKAGER: olh@suse.de >BUGZILLA: 48702 >CATEGORY: security >DESCRIPTION: >Security Update: >This update fixes a buffer overfow in ncplogin and ncpmap. Both applications >are installed setuid root on SUSE LINUX. Only users of group 'trusted' are >allowed to execute this binaries. If successfully exploited this >vulnerabilities can be used to gain root locally. >DESCRIPTION_DE: >Sicherheits-Update: >Mit diesem Update wird jeweils ein Speicherueberlauf in ncplogin und ncpmap >behoben. Unter SUSE LINUX sind die Tools zwar 'setuid root' installiert, aber >nur von Mitgliedern der Gruppe 'trusted' ausfuehrbar. >Diese Fehler koennen lokal ausgenutzt werden, um vollen Systemzugriff als >Benutzer 'root' zu erlangen.
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=26776">View the attachment on a separate page</a>.</b>
Actions:
View
Attachments on
bug 63702
: 26776 |
26777
|
27033