Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Mandrake Local Security Checks --> Category: infos

MDKSA-2005:028: ncpfs Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the ncpfs package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory MDKSA-2005:028 (ncpfs).

Erik Sjolund discovered two vulnerabilities in programs bundled with ncpfs. Due
to a flaw in nwclient.c, utilities that use the NetWare client functions
insecurely access files with elevated rights (CVE-2005-0013), and there is
a potentially exploitable buffer overflow in the ncplogin program

As well, an older vulnerability found by Karol Wiesek is corrected with these
new versions of ncpfs. Karol found a buffer overflow in the handling of the
'-T' option in the ncplogin and ncpmap utilities (CVE-2004-1079).

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.