[3522] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: [linux-security] ncpmount/ncpumount

daemon@ATHENA.MIT.EDU (Thomas Roessler)
Mon Oct 21 12:52:44 1996

Date: 	Mon, 21 Oct 1996 09:30:50 GMT
Reply-To: Thomas Roessler <roessler@sobolev.rhein.de>
From: Thomas Roessler <roessler@sobolev.rhein.de>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>

In article <199610140007.TAA32256@dancer.1stnet.com>, Runar Jensen wrote:

>I haven't had a chance to look at the source code yet, but it appears that
>ncpmount and ncpumount suffer from exactly the same problem that mount and
>umount did. In fact, the mount exploit that was so widely circulated works
>with ncpumount with no modifications.

The buffer overflow you are referring to is hidden in the realpath(3)
function.  So the mount programs are the wrong ones to blame.  Rather
update your C library.

tlr
--
Thomas Roessler                           http://www.rhein.de/~roessler/


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[3522] in bugtraq

Re: [linux-security] ncpmount/ncpumount

daemon@ATHENA.MIT.EDU (Thomas Roessler)Mon Oct 21 12:52:44 1996

daemon@ATHENA.MIT.EDU (Thomas Roessler)
Mon Oct 21 12:52:44 1996