CVE-2010-0791

EUVD-2010-0817
The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service (application failure) via unspecified vectors that trigger the creation of a /etc/mtab~ file that persists after the program exits.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
ncpfsncpfs
2.2.6
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ncpfs
dapper
ignored
hardy
ignored
intrepid
ignored
jaunty
ignored
karmic
ignored
lucid
not-affected
maverick
not-affected
natty
not-affected
oneiric
not-affected
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
http://seclists.org/fulldisclosure/2010/Mar/122
http://www.securityfocus.com/archive/1/509893/100/0/threaded
http://www.securityfocus.com/archive/1/509894/100/0/threaded
http://www.securityfocus.com/bid/38563
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
http://seclists.org/fulldisclosure/2010/Mar/122
http://www.securityfocus.com/archive/1/509893/100/0/threaded
http://www.securityfocus.com/archive/1/509894/100/0/threaded
http://www.securityfocus.com/bid/38563