Re: [linux-security] ncpmount/ncpumount

[roessler () sobolev rhein de (Thomas Roessler)]

In article <199610140007.TAA32256 () dancer 1stnet com>, Runar Jensen wrote:

> I haven't had a chance to look at the source code yet, but it appears that
> ncpmount and ncpumount suffer from exactly the same problem that mount and
> umount did. In fact, the mount exploit that was so widely circulated works
> with ncpumount with no modifications.

The buffer overflow you are referring to is hidden in the realpath(3)
function.  So the mount programs are the wrong ones to blame.  Rather
update your C library.

tlr
--
Thomas Roessler                           http://www.rhein.de/~roessler/