Bug 152904 - CAN-2004-1079, CAN-2005-0013,0014 ncpfs multiple problems
CAN-2004-1079, CAN-2005-0013,0014 ncpfs multiple problems
Status: CLOSED ERRATA
Product: Fedora Legacy
Classification: Retired
Component: ncpfs (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Fedora Legacy Bugs
http://cve.mitre.org/cgi-bin/cvename....
1, LEGACY, 2, 3, rh73, rh90
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-02-10 14:36 EST by Marc Deslauriers
Modified: 2007-04-18 13:22 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-05-12 20:51:27 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description David Lawrence 2005-03-30 18:31:35 EST
CAN-2004-1079:
Buffer overflow in (1) ncplogin and (2) ncpmap in nwclient.c for ncpfs 2.2.4,
and possibly other versions, may allow local users to gain privileges via a long
-T option.

CAN-2005-0013:
nwclient.c in ncpfs before 2.2.6 does not drop root privileges before executing
utilities using the NetWare client functions, which allows local users to gain
privileges.

CAN-2005-0014:
Buffer overflow in ncplogin in ncpfs before 2.2.6 allows remote malicious
NetWare servers to execute arbitrary code on the NetWare client.

see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0014
https://bugzilla.redhat.com/beta/show_bug.cgi?id=144691



------- Bug moved to this database by dkl@redhat.com 2005-03-30 18:31 -------

This bug previously known as bug 2428 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=2428
Originally filed under the Fedora Legacy product and Package request component.

Unknown priority P2. Setting to default priority "normal".
Unknown platform PC. Setting to default platform "All".
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.

Comment 1 Marc Deslauriers 2006-03-12 09:00:07 EST
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here are updated packages to QA.

The previous FC3 patch was incomplete, so it's now fixed.


06848f0f5179afa589cd0d30cec96cc3a1a096b0  7.3/ncpfs-2.2.0.18-6.1.legacy.i386.rpm
5d4b69e5c2f5580e07542aec20371026a303f7b2  7.3/ncpfs-2.2.0.18-6.1.legacy.src.rpm
b4402f56767b785e1d5c0f43839cff11dbf15b67  7.3/ipxutils-2.2.0.18-6.1.legacy.i386.rpm
2ca7eb95c4a69823d3b80cf4d52ebc28d925d175  9/ncpfs-2.2.1-1.1.legacy.i386.rpm
a1f7228bbceacc789084d31ac559460216bf4862  9/ncpfs-2.2.1-1.1.legacy.src.rpm
dcc36dce8d718ed5890ebac95f73a3647d8fcec3  9/ipxutils-2.2.1-1.1.legacy.i386.rpm
ade651d031e2b3d758d2c5ba7bd46cd8041994c6  1/ncpfs-2.2.3-1.1.legacy.i386.rpm
0bbca8e8da3e8e5b4b5569f9583ac8ef7b6a2ca1  1/ncpfs-2.2.3-1.1.legacy.src.rpm
7d2742da8304cdbeba82867e6b82c3fc71c3e8ae  1/ipxutils-2.2.3-1.1.legacy.i386.rpm
32bcb6f135d23e5854854c337343cce67087107c  2/ncpfs-2.2.4-1.1.legacy.i386.rpm
d3b849d3a625973b99e58a34d3c4e522f6375f7b  2/ncpfs-2.2.4-1.1.legacy.src.rpm
450df935d8f97cf97303d7ef47684c40d664ee62  2/ipxutils-2.2.4-1.1.legacy.i386.rpm
48f2cb4ea55a6a38ac0b907928e5754af8aebf28  3/ncpfs-2.2.4-5.FC3.1.legacy.i386.rpm
ae3a7d8a83966f2d6771d76e2a30913a70bb7f86  3/ncpfs-2.2.4-5.FC3.1.legacy.src.rpm
93056f0da00226ae586907bfa6868d562629e8a1  3/ipxutils-2.2.4-5.FC3.1.legacy.i386.rpm

http://www.infostrategique.com/linuxrpms/legacy/7.3/ncpfs-2.2.0.18-6.1.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/ncpfs-2.2.1-1.1.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/ncpfs-2.2.3-1.1.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/2/ncpfs-2.2.4-1.1.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/3/ncpfs-2.2.4-5.FC3.1.legacy.src.rpm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (GNU/Linux)

iD8DBQFEFCtFLMAs/0C4zNoRAnSFAKCf35RNBJKYuvrw2tw+/OM+4TqmNwCgqgqH
Y0IwqR9VyVxbMqpsfJWAePE=
=mPoc
-----END PGP SIGNATURE-----
Comment 2 Pekka Savola 2006-03-13 01:31:09 EST
Apparently, FC4 folks didn't remember to update their ncpfs for getuid2.patch,
but that's not our concern (yet)...

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
                                                                               
                
QA w/ rpm-build-compare.sh:
 - source integrity good
 - spec file changes minimal
 - patches identical to RHEL2 or Fedora's original FC3 package
 
+PUBLISH RHL73, RHL9, FC1, FC2, FC3
 
5d4b69e5c2f5580e07542aec20371026a303f7b2  ncpfs-2.2.0.18-6.1.legacy.src.rpm
a1f7228bbceacc789084d31ac559460216bf4862  ncpfs-2.2.1-1.1.legacy.src.rpm
0bbca8e8da3e8e5b4b5569f9583ac8ef7b6a2ca1  ncpfs-2.2.3-1.1.legacy.src.rpm
d3b849d3a625973b99e58a34d3c4e522f6375f7b  ncpfs-2.2.4-1.1.legacy.src.rpm
ae3a7d8a83966f2d6771d76e2a30913a70bb7f86  ncpfs-2.2.4-5.FC3.1.legacy.src.rpm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
 
iD8DBQFEFRK+GHbTkzxSL7QRAimcAJ43puKwoSsTrnvv1r7fpdkiShFNwQCdGIj5
IdHePezZ4Xiq7CvGwFS3yqo=
=k9sD
-----END PGP SIGNATURE-----
Comment 3 Marc Deslauriers 2006-03-28 19:32:27 EST
Packages were pushed to updates-testing
Comment 4 Pekka Savola 2006-04-17 12:27:25 EDT
Timeout over.
Comment 5 Marc Deslauriers 2006-05-12 20:51:27 EDT
Packages were released to updates.

Note You need to log in before you can comment on or make changes to this bug.