Vulnerabilities > CVE-2005-0014 - Remote vulnerability in NCPFS
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in ncplogin in ncpfs before 2.2.6 allows remote malicious NetWare servers to execute arbitrary code on the NetWare client.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 5 |
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200501-44.NASL description The remote host is affected by the vulnerability described in GLSA-200501-44 (ncpfs: Multiple vulnerabilities) Erik Sjolund discovered two vulnerabilities in the programs bundled with ncpfs: there is a potentially exploitable buffer overflow in ncplogin (CAN-2005-0014), and due to a flaw in nwclient.c, utilities using the NetWare client functions insecurely access files with elevated privileges (CAN-2005-0013). Impact : The buffer overflow might allow a malicious remote NetWare server to execute arbitrary code on the NetWare client. Furthermore, a local attacker may be able to create links and access files with elevated privileges using SUID ncpfs utilities. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 16435 published 2005-02-14 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16435 title GLSA-200501-44 : ncpfs: Multiple vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2005-435.NASL description - Fri Jun 17 2005 Jiri Ryska <jryska at redhat.com> 2.2.4-4.FC3.1 - fixed getuid security bug CVE-2005-0014 - fixed security bug CVE-2004-1079 - Mon Apr 11 2005 Jiri Ryska <jryska at redhat.com> 2.2.4-4.FC3 - fixed getuid security bug CVE-2005-0013 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 19464 published 2005-08-19 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19464 title Fedora Core 3 : ncpfs-2.2.4-4.FC3.1 (2005-435) NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2005-028.NASL description Erik Sjolund discovered two vulnerabilities in programs bundled with ncpfs. Due to a flaw in nwclient.c, utilities that use the NetWare client functions insecurely access files with elevated privileges (CVE-2005-0013), and there is a potentially exploitable buffer overflow in the ncplogin program (CVE-2005-0014). As well, an older vulnerability found by Karol Wiesek is corrected with these new versions of ncpfs. Karol found a buffer overflow in the handling of the last seen 2020-06-01 modified 2020-06-02 plugin id 16294 published 2005-02-02 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16294 title Mandrake Linux Security Advisory : ncpfs (MDKSA-2005:028) NASL family SuSE Local Security Checks NASL id SUSE9_9805.NASL description This update fixes the following security issues : - a buffer overflow in ncplogin and ncpmap. Both applications are installed setuid-root on SuSE Linux, but only users of group last seen 2020-06-01 modified 2020-06-02 plugin id 41344 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41344 title SuSE9 Security Update : ncpfs (YOU Patch Number 9805)
References
- ftp://platan.vc.cvut.cz/pub/linux/ncpfs/Changes-2.2.6
- http://securitytracker.com/id?1013019
- http://www.gentoo.org/security/en/glsa/glsa-200501-44.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:028
- http://www.osvdb.org/13298
- http://www.securityfocus.com/archive/1/433927/100/0/threaded
- http://www.securityfocus.com/bid/12400