Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveRedhatCVE-2010-1642
HistoryJun 17, 2010 - 4:30 p.m.

CVE-2010-1642

2010-06-1716:30:01
CWE-119
redhat
web.nvd.nist.gov
41
cve-2010-1642
samba
security
denial of service
nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.4

Confidence

Low

EPSS

0.269

Percentile

96.8%

JSON

The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup AndX request.

Affected configurations

Nvd
Node
sambasambaRange3.4.7
OR
sambasambaMatch3.0.0
OR
sambasambaMatch3.0.1
OR
sambasambaMatch3.0.2
OR
sambasambaMatch3.0.2a
OR
sambasambaMatch3.0.3
OR
sambasambaMatch3.0.4
OR
sambasambaMatch3.0.4rc1
OR
sambasambaMatch3.0.5
OR
sambasambaMatch3.0.6
OR
sambasambaMatch3.0.7
OR
sambasambaMatch3.0.8
OR
sambasambaMatch3.0.9
OR
sambasambaMatch3.0.10
OR
sambasambaMatch3.0.11
OR
sambasambaMatch3.0.12
OR
sambasambaMatch3.0.13
OR
sambasambaMatch3.0.14
OR
sambasambaMatch3.0.14a
OR
sambasambaMatch3.0.15
OR
sambasambaMatch3.0.16
OR
sambasambaMatch3.0.17
OR
sambasambaMatch3.0.18
OR
sambasambaMatch3.0.19
OR
sambasambaMatch3.0.20
OR
sambasambaMatch3.0.20a
OR
sambasambaMatch3.0.20b
OR
sambasambaMatch3.0.21
OR
sambasambaMatch3.0.21a
OR
sambasambaMatch3.0.21b
OR
sambasambaMatch3.0.21c
OR
sambasambaMatch3.0.22
OR
sambasambaMatch3.0.23
OR
sambasambaMatch3.0.23a
OR
sambasambaMatch3.0.23b
OR
sambasambaMatch3.0.23c
OR
sambasambaMatch3.0.23d
OR
sambasambaMatch3.0.24
OR
sambasambaMatch3.0.25
OR
sambasambaMatch3.0.25pre1
OR
sambasambaMatch3.0.25pre2
OR
sambasambaMatch3.0.25rc1
OR
sambasambaMatch3.0.25rc2
OR
sambasambaMatch3.0.25rc3
OR
sambasambaMatch3.0.25a
OR
sambasambaMatch3.0.25b
OR
sambasambaMatch3.0.25c
OR
sambasambaMatch3.0.26
OR
sambasambaMatch3.0.26a
OR
sambasambaMatch3.0.27
OR
sambasambaMatch3.0.27a
OR
sambasambaMatch3.0.28
OR
sambasambaMatch3.0.28a
OR
sambasambaMatch3.0.29
OR
sambasambaMatch3.0.30
OR
sambasambaMatch3.0.31
OR
sambasambaMatch3.0.32
OR
sambasambaMatch3.0.33
OR
sambasambaMatch3.0.34
OR
sambasambaMatch3.0.35
OR
sambasambaMatch3.0.36
OR
sambasambaMatch3.0.37
OR
sambasambaMatch3.1.0
OR
sambasambaMatch3.2
OR
sambasambaMatch3.2.0
OR
sambasambaMatch3.2.1
OR
sambasambaMatch3.2.2
OR
sambasambaMatch3.2.3
OR
sambasambaMatch3.2.4
OR
sambasambaMatch3.2.5
OR
sambasambaMatch3.2.6
OR
sambasambaMatch3.2.7
OR
sambasambaMatch3.2.8
OR
sambasambaMatch3.2.9
OR
sambasambaMatch3.2.10
OR
sambasambaMatch3.2.11
OR
sambasambaMatch3.2.12
OR
sambasambaMatch3.2.13
OR
sambasambaMatch3.2.14
OR
sambasambaMatch3.2.15
OR
sambasambaMatch3.3
OR
sambasambaMatch3.3.0
OR
sambasambaMatch3.3.1
OR
sambasambaMatch3.3.2
OR
sambasambaMatch3.3.3
OR
sambasambaMatch3.3.4
OR
sambasambaMatch3.3.5
OR
sambasambaMatch3.3.6
OR
sambasambaMatch3.3.7
OR
sambasambaMatch3.3.8
OR
sambasambaMatch3.3.9
OR
sambasambaMatch3.3.10
OR
sambasambaMatch3.3.11
OR
sambasambaMatch3.4
OR
sambasambaMatch3.4.0
OR
sambasambaMatch3.4.1
OR
sambasambaMatch3.4.2
OR
sambasambaMatch3.4.3
OR
sambasambaMatch3.4.4
OR
sambasambaMatch3.4.5
OR
sambasambaMatch3.4.6
OR
sambasambaMatch3.5
OR
sambasambaMatch3.5.0
OR
sambasambaMatch3.5.1
VendorProductVersionCPE
sambasamba*cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
sambasamba3.0.0cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
sambasamba3.0.1cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*
sambasamba3.0.2cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*
sambasamba3.0.2acpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*
sambasamba3.0.3cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*
sambasamba3.0.4cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*
sambasamba3.0.4cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*
sambasamba3.0.5cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*
sambasamba3.0.6cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*
Rows per page:
1-10 of 1041

Related

nvd 1
ubuntucve 1
prion 1
cvelist 1
debiancve 1
nessus 3
openvas 6
securityvulns 1
suse 1
gentoo 1
osv 1
nvd
nvd
CVE-2010-1642
2010-06-17 16:30:01
ubuntucve
ubuntucve
CVE-2010-1642
2010-06-17 00:00:00
prion
prion
Out-of-bounds
2010-06-17 16:30:00
cvelist
cvelist
CVE-2010-1642
2010-06-17 16:00:00
debiancve
debiancve
CVE-2010-1642
2010-06-17 16:30:01
nessus
nessus
Samba < 3.4.8 / 3.5.2 Session Setup AndX DoS
2010-05-17 00:00:00
Mandriva Linux Security Advisory : samba (MDVSA-2010:141)
2010-07-30 00:00:00
GLSA-201206-22 : Samba: Multiple vulnerabilities
2012-06-25 00:00:00
openvas
openvas
Mandriva Update for samba MDVSA-2010:141 (samba)
2010-07-30 00:00:00
Samba < 3.4.8, 3.5.x < 3.5.2 Multiple Remote DoS Vulnerabilities
2010-05-19 00:00:00
Mandriva Update for samba MDVSA-2010:141 (samba)
2010-07-30 00:00:00
securityvulns
securityvulns
Samba buffer overflow
2010-06-20 00:00:00
suse
suse
Security update for Samba (critical)
2012-03-09 17:08:16
gentoo
gentoo
Samba: Multiple vulnerabilities
2012-06-24 00:00:00
osv
osv
ctdb-4.5.0-1.1 on GA media
2024-06-15 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.4

Confidence

Low

EPSS

0.269

Percentile

96.8%

JSON
Related for CVE-2010-1642
nvd1ubuntucve1prion1cvelist1debiancve1nessus3openvas6securityvulns1suse1gentoo1osv1