Red Hat Bugzilla – Bug 115823
CAN-2004-0010 ncpfs hole (unsupported)
Last modified: 2007-11-30 17:07:00 EST
Arjan van de Ven discovered a flaw in ncp_lookup() in ncpfs that could
allow local privilege escalation. ncpfs is only used to allow a system
to mount volumes of NetWare servers or print to NetWare printers.
Note: only in kernel-unsupported
This change has been committed to the taroon pool, and will appear in
internal kernel version 2.4.21-9.12.EL.
An errata has been issued which should help the problem described in this bug report.
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen
this bug report if the solution does not work for you.