Lösungen für Schwachstellen

Die regelmäßigen Schwachstellenüberprüfungen von Nimsoft Cloud Monitor suchen die folgende Schwachstelle. Auf der Überblickseite Lösungen für Schwachstellen können Sie die zuletzt hinzugefügten Lösungen für Schwachstellen, die von Nimsoft Cloud Monitor überprüft werden, einsehen.

Kategorie: Mandriva Local Security Checks Risikofaktor: Low Hinzugefügt am: 12 Mär 2010
Synopsis:

The remote host is missing the patch for the advisory MDVSA-2010:061 (ncpfs).

Description:

Multiple vulnerabilities has been found and corrected in ncpfs:
sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary files via the mountpoint name (CVE-2010-0790). The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service (application failure) via unspecified vectors that trigger the creation of a /etc/mtab~ file that persists
after the program exits (CVE-2010-0791). Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
The updated packages have been patched to correct these issues.

See also:

http://wwwnew.mandriva.com/security/advisories?name=MDVSA-2010:061

Solution:

Apply the newest security patches from Mandriva.

Risk factor:

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P)