CVE-2010-0790

Name of the Vulnerable Software and Affected Versions ncpfs version 2.2.6

Description The issue allows local users to determine the existence of arbitrary files via the mountpoint name, due to certain detailed error messages produced by sutil/ncpumount.c in ncpumount.

Recommendations For ncpfs version 2.2.6, consider restricting access to the mountpoint to minimize the risk of exploitation. As a temporary workaround, avoid using the ncpumount utility until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.