First published: Wed Nov 04 2009(Updated: )
ncpfs 2.2.6 allows local users to cause a denial of service, obtain sensitive information, or possibly gain privileges via symlink attacks involving the (1) ncpmount and (2) ncpumount programs.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
ncpfs | =2.2.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2010-0788 has a medium severity rating as it can lead to denial of service and potential privilege escalation.
To fix CVE-2010-0788, upgrade to ncpfs version 2.2.7 or later which addresses the vulnerabilities.
CVE-2010-0788 is associated with symlink attacks that affect the ncpmount and ncpumount programs of ncpfs 2.2.6.
Local users of systems running ncpfs version 2.2.6 are affected by CVE-2010-0788.
Yes, CVE-2010-0788 can potentially allow local users to gain elevated privileges through symlink attacks.