Common Vulnerabilities and Exposures assigned an identifier CVE-2010-0790 to the following vulnerability: sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary files via the mountpoint name. References: [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0790 [2] http://www.securityfocus.com/archive/1/archive/1/509894/100/0/threaded [3] http://www.securityfocus.com/archive/1/archive/1/509893/100/0/threaded [4] http://seclists.org/fulldisclosure/2010/Mar/122 [5] http://www.securityfocus.com/bid/38563 -- Common Vulnerabilities and Exposures assigned an identifier CVE-2010-0791 to the following vulnerability: The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service (application failure) via unspecified vectors that trigger the creation of a /etc/mtab~ file that persists after the program exits. References: [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0791 [2] http://www.securityfocus.com/archive/1/archive/1/509894/100/0/threaded [3] http://www.securityfocus.com/archive/1/archive/1/509893/100/0/threaded [4] http://seclists.org/fulldisclosure/2010/Mar/122 [5] http://www.securityfocus.com/bid/38563 -- Patch from Dan Rosenberg to address both issues (once ncpfs was patched against CVE-2010-0788 -- CVE-2009-3297): [1] http://seclists.org/fulldisclosure/2010/Mar/att-122/ncpfs-2_2_6_partial.patch
These issues affect the versions of the ncpfs package, as shipped with Fedora release of 11 and 12. Please fix.