Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-2724HistorySep 06, 2011 - 4:55 p.m.
CVE-2011-2724
2011-09-0616:55:10
Debian Security Bug Tracker
security-tracker.debian.org
23
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
AI Score
4.8
Confidence
High
EPSS
0.001
Percentile
39.6%
The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cifs-utils | < 2:5.1-1 | cifs-utils_2:5.1-1_all.deb |
| Debian | 11 | all | cifs-utils | < 2:5.1-1 | cifs-utils_2:5.1-1_all.deb |
| Debian | 999 | all | cifs-utils | < 2:5.1-1 | cifs-utils_2:5.1-1_all.deb |
| Debian | 13 | all | cifs-utils | < 2:5.1-1 | cifs-utils_2:5.1-1_all.deb |
| Debian | 12 | all | samba | < 2:3.4.7~dfsg-2 | samba_2:3.4.7~dfsg-2_all.deb |
| Debian | 11 | all | samba | < 2:3.4.7~dfsg-2 | samba_2:3.4.7~dfsg-2_all.deb |
| Debian | 999 | all | samba | < 2:3.4.7~dfsg-2 | samba_2:3.4.7~dfsg-2_all.deb |
| Debian | 13 | all | samba | < 2:3.4.7~dfsg-2 | samba_2:3.4.7~dfsg-2_all.deb |
Related
fedora
fedora
[SECURITY] Fedora 14 Update: cifs-utils-4.8.1-7.fc14
2011-08-09 01:29:26
[SECURITY] Fedora 16 Update: cifs-utils-5.0-2.fc16
2011-08-22 15:29:48
[SECURITY] Fedora 15 Update: cifs-utils-5.0-2.fc15
2011-08-09 01:35:06
nvd
nvd
CVE-2011-2724
2011-09-06 16:55:10
CVE-2010-0547
2010-02-04 20:15:24
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:02:27
Denial Of Service (DoS)
2020-04-10 00:51:48
openvas
openvas
Samba 'client/mount.cifs.c' Remote Denial of Service Vulnerability
2010-02-22 00:00:00
Fedora Update for cifs-utils FEDORA-2011-10028
2012-03-19 00:00:00
Fedora Update for cifs-utils FEDORA-2011-9847
2011-08-12 00:00:00
cvelist
cvelist
CVE-2011-2724
2011-09-06 16:00:00
CVE-2010-0547
2010-02-04 18:00:00
nessus
nessus
Fedora 15 : cifs-utils-5.0-2.fc15 (2011-9831)
2011-08-09 00:00:00
Fedora 16 : cifs-utils-5.0-2.fc16 (2011-10028)
2011-08-23 00:00:00
Fedora 14 : cifs-utils-4.8.1-7.fc14 (2011-9847)
2011-08-09 00:00:00
prion
prion
Path traversal
2011-09-06 16:55:00
Path traversal
2010-02-04 20:15:00
ubuntucve
ubuntucve
CVE-2011-2724
2011-09-06 00:00:00
CVE-2010-0547
2010-02-04 00:00:00
cve
cve
CVE-2011-2724
2011-09-06 16:55:10
CVE-2010-0547
2010-02-04 20:15:24
centos
centos
samba3x security update
2011-09-01 16:12:20
libsmbclient, samba security update
2011-08-29 21:13:06
altlinux
altlinux
Security fix for the ALT Linux 6 package samba version 3.5.10-alt2
2011-08-01 00:00:00
debiancve
debiancve
CVE-2010-0547
2010-02-04 20:15:24
redhat
redhat
(RHSA-2011:1220) Moderate: samba3x security update
2011-08-29 00:00:00
(RHSA-2011:1221) Moderate: samba and cifs-utils security and bug fix update
2011-08-29 00:00:00
(RHSA-2011:1219) Moderate: samba security update
2011-08-29 00:00:00
seebug
seebug
Samba 3.4.5 client/mount.cifs.c本地拒绝服务漏洞
2010-05-06 00:00:00
ubuntu
ubuntu
cifs-utils vulnerabilities
2011-10-04 00:00:00
Samba vulnerabilities
2011-10-04 00:00:00
debian
debian
[SECURITY] [DSA 2004-1] New samba packages fix several vulnerabilities
2010-02-28 21:55:00
gentoo
gentoo
mount-cifs: Multiple vulnerabilites
2012-06-25 00:00:00
Samba: Multiple vulnerabilities
2012-06-24 00:00:00
oraclelinux
oraclelinux
samba security update
2011-08-29 00:00:00
samba security, bug fix, and enhancement update
2012-03-01 00:00:00
samba3x security update
2011-08-29 00:00:00
securityvulns
securityvulns
[USN-1226-1] Samba vulnerabilities
2011-10-16 00:00:00
Samba security vulnerabilities
2011-10-16 00:00:00
osv
osv
samba - several vulnerabilities
2010-02-28 00:00:00
cifs-utils-6.5-1.5 on GA media
2024-06-15 00:00:00
ctdb-4.5.0-1.1 on GA media
2024-06-15 00:00:00
vmware
vmware
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
AI Score
4.8
Confidence
High
EPSS
0.001
Percentile
39.6%
Related for DEBIANCVE:CVE-2011-2724