Re: [linux-security] ncpmount/ncpumount

[coxa () cableol net (Alan Cox)]

> > I haven't had a chance to look at the source code yet, but it appears that
> > ncpmount and ncpumount suffer from exactly the same problem that mount and
> > umount did. In fact, the mount exploit that was so widely circulated works
> > with ncpumount with no modifications.
>
> The buffer overflow you are referring to is hidden in the realpath(3)
> function.  So the mount programs are the wrong ones to blame.  Rather
> update your C library.

If its the same as mount, and wu.ftpd it includes realpath (broken version)
with the program and uses that instead of the (fixed) libc one.

Alan