Secunia Logo
Netsikker nu! 2008
 
Mandrake update for ncpfs
Secunia Advisory: SA14111
Release Date: 2005-02-02
Popularity: 5,712 views

Critical:
Less critical
Impact: Privilege escalation
System access
Where: From local network
Solution Status: Vendor Patch

OS:Mandrake Corporate Server 2.x
Mandrakelinux 10.0
Mandrakelinux 10.1

Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2004-1079
CVE-2005-0013
CVE-2005-0014


Description:
MandrakeSoft has issued an update for ncpfs. This fixes two vulnerabilities and a potential issue, which can be exploited to perform certain actions on a vulnerable system with escalated privileges or potentially compromise a user's system.

For more information:
SA14068
SA13292

Solution:
Apply updated packages.

Mandrakelinux 10.0:
26507b12e312d06ad7a0250fd29c2fc9 10.0/RPMS/ipxutils-2.2.6-0.1.100mdk.i586.rpm
31054e1560e02396af427feb8d0bb9e0 10.0/RPMS/libncpfs2.3-2.2.6-0.1.100mdk.i586.rpm
ae8ea25eebe37782e4315da2ea4ac469 10.0/RPMS/libncpfs2.3-devel-2.2.6-0.1.100mdk.i586.rpm
b3988245505c1bf1bf4f5da5c502f22a 10.0/RPMS/ncpfs-2.2.6-0.1.100mdk.i586.rpm
d841a4aac6f48ef283dbe84f7385b2cb 10.0/SRPMS/ncpfs-2.2.6-0.1.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
9097da50d267751a64f5a9533f84f385 amd64/10.0/RPMS/ipxutils-2.2.6-0.1.100mdk.amd64.rpm
acec5bc11c51a724002860e7e2c9b741 amd64/10.0/RPMS/lib64ncpfs2.3-2.2.6-0.1.100mdk.amd64.rpm
dc21cc53b30d974ce146da962edde2b2 amd64/10.0/RPMS/lib64ncpfs2.3-devel-2.2.6-0.1.100mdk.amd64.rpm
af24f5eca27924522f8c84ae0f39dc45 amd64/10.0/RPMS/ncpfs-2.2.6-0.1.100mdk.amd64.rpm
d841a4aac6f48ef283dbe84f7385b2cb amd64/10.0/SRPMS/ncpfs-2.2.6-0.1.100mdk.src.rpm

Mandrakelinux 10.1:
9a6f8acfb1290af92171a23696cc7398 10.1/RPMS/ipxutils-2.2.6-0.1.101mdk.i586.rpm
ad4eba0c498de9884c1e7f3bb8f14452 10.1/RPMS/libncpfs2.3-2.2.6-0.1.101mdk.i586.rpm
a7ad4a7f0ce4cb2723dc5d48d0ddcc21 10.1/RPMS/libncpfs2.3-devel-2.2.6-0.1.101mdk.i586.rpm
d283bbbac0839f1866909efc4ffdb62d 10.1/RPMS/ncpfs-2.2.6-0.1.101mdk.i586.rpm
887f5d5c3f2d19f7c2cd64e74a80391e 10.1/SRPMS/ncpfs-2.2.6-0.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
3eeb4ea7fe45ec1f58d4ae5b523627fe x86_64/10.1/RPMS/ipxutils-2.2.6-0.1.101mdk.x86_64.rpm
c3758043e2bd3ddc24f5c3e34be2cc93 x86_64/10.1/RPMS/lib64ncpfs2.3-2.2.6-0.1.101mdk.x86_64.rpm
11539d55f026d1ef9907e27ffd8d4cc2 x86_64/10.1/RPMS/lib64ncpfs2.3-devel-2.2.6-0.1.101mdk.x86_64.rpm
a10864210cf07d875b770b3f34caa47d x86_64/10.1/RPMS/ncpfs-2.2.6-0.1.101mdk.x86_64.rpm
887f5d5c3f2d19f7c2cd64e74a80391e x86_64/10.1/SRPMS/ncpfs-2.2.6-0.1.101mdk.src.rpm

Corporate Server 2.1:
8fe930fd368a97b4f20ae4bca84a9761 corporate/2.1/RPMS/ipxutils-2.2.6-0.1.C21mdk.i586.rpm
fc4d61b54dd07f64aa613bdf7a4016a0 corporate/2.1/RPMS/ncpfs-2.2.6-0.1.C21mdk.i586.rpm
0f6237f2270b31c7e1bcb38b01ba5017 corporate/2.1/SRPMS/ncpfs-2.2.6-0.1.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
8853eb122b8794c8a9a6e8f304deab7b x86_64/corporate/2.1/RPMS/ipxutils-2.2.6-0.1.C21mdk.x86_64.rpm
301cd5bb7f068467f4e35752c7f6dc0a x86_64/corporate/2.1/RPMS/ncpfs-2.2.6-0.1.C21mdk.x86_64.rpm
0f6237f2270b31c7e1bcb38b01ba5017 x86_64/corporate/2.1/SRPMS/ncpfs-2.2.6-0.1.C21mdk.src.rpm

Original Advisory:
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:028

Other References:
SA14068:
http://secunia.com/advisories/14068/

SA13292:
http://secunia.com/advisories/13292/


Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. ArticleBeach Script "page" File Inclusion Vulnerability // 114 views
2. Zeroboard Multiple Vulnerabilities // 63 views
3. Zeroboard Two Vulnerabilities // 56 views
4. Zeroboard Multiple Script Insertion Vulnerabilities // 47 views
5. Zeroboard ".htaccess" File Upload Vulnerability // 41 views
6. CA ARCserve Backup Multiple Vulnerabilities // 36 views
7. Sun Java System Web Proxy Server FTP Subsystem Buffer Overflow // 33 views
8. Apple Mac OS X Security Update Fixes Multiple Vulnerabilities // 32 views
9. Symantec pcAnywhere CIF Files Privilege Escalation // 30 views
10. Built2go Real Estate Listings "event_id" SQL Injection // 28 views