22835 2010-01-27 00:45:31 +0300 CVE-2009-3297: ncpmount/ncpumount privilege escalation 2011-03-09 07:59:07 +0300 1 1 4 Development Sisyphus ncpfs unstable all Linux CLOSED FIXED https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3297 security P3 blocker --- 1 ldv nobody php-coder qa-sisyphus oldest_to_newest 105996 0 ldv 2010-01-27 00:45:31 +0300 Daniel Rosenberg found race conditions in the ncpfs ncpmount and ncpumount utilities. Local, unprivileged user could use these flaws to conduct symlink attacks, leading to denial of service (ncpumount), disclosure of sensitive information, or, possibly to privilege escalation (ncpmount). 119088 1 php-coder 2011-03-09 07:59:07 +0300 * Wed Mar 09 2011 Dmitry V. Levin <ldv@altlinux> 2.2.6-alt9 - Imported fix of race conditions in ncpmount/ncpumount operations from Fedora (fixes CVE-2009-3297).