CVE-2011-1679

ncpfs <= 2.2.6 - Local File Corruption via RLIMIT_FSIZE Resource Limit Bypass

Title source: llm
STIX 2.1

Description

ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the /etc/mtab file and (2) ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

References (18)

Core 18
Core References
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/14/5
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/04/9
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/22/6
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/22/4
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/05/7
Issue Tracking x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=688980
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/07/9
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/66701
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/04/01/2
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/04/10
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/14/16
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/31/4
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/04/12
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/14/7
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/04/11
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/05/3
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/31/3
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/15/6

Scores

EPSS 0.0037
EPSS Percentile 29.5%

Details

CWE
CWE-20
Status published
Products (6)
ncpfs/ncpfs 2.2.1
ncpfs/ncpfs 2.2.2
ncpfs/ncpfs 2.2.3
ncpfs/ncpfs 2.2.4
ncpfs/ncpfs 2.2.5
ncpfs/ncpfs < 2.2.6
Published Apr 10, 2011
Tracked Since Feb 18, 2026