CVE-2010-0296

[GoogleCodeExporter]

The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or 
libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not 
properly handle newline characters in mountpoint names, which allows local 
users to cause a denial of service (mtab corruption), or possibly modify mount 
options and gain privileges, via a crafted mount request. 

http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600

http://sourceware.org/git/?p=glibc.git;a=commit;h=ab00f4eac8f4932211259ff87be831
44f5211540

Original issue reported on code.google.com by ole.andr...@gmail.com on 20 Aug 2010 at 11:06

[GoogleCodeExporter]

The 0.3 branch is soon EOL, no time to fix this issue. Sorry.

Original comment by off...@symbiosis.cc on 4 Aug 2011 at 10:52

• Changed state: WontFix