CVE-2011-1679

Name of the Vulnerable Software and Affected Versions ncpfs versions 2.2.6 and earlier

Description The issue allows local users to trigger corruption of the /etc/mtab file by exploiting a flaw in how ncpfs handles resource limits. Specifically, ncpfs attempts to use ncpmount to append to the /etc/mtab file and ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere. This can be exploited by a process with a small RLIMIT FSIZE value.

Recommendations For ncpfs versions 2.2.6 and earlier, consider updating to a version that addresses this issue, although the specific fixed version is not provided in the available data. As a temporary workaround, consider restricting the use of ncpmount and ncpumount to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.