Lucene search
HistorySep 06, 2011 - 4:55 p.m.
CVE-2011-2724
CVSS2
1.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:N/I:N/A:P
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
39.6%
The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547.
Affected configurations
Node
sambasambaRange≤3.5.10
ORsambasambaMatch1.9.17
ORsambasambaMatch1.9.17p1
ORsambasambaMatch1.9.17p2
ORsambasambaMatch1.9.17p3
ORsambasambaMatch1.9.17p4
ORsambasambaMatch1.9.17p5
ORsambasambaMatch1.9.18
ORsambasambaMatch1.9.18p1
ORsambasambaMatch1.9.18p10
ORsambasambaMatch1.9.18p2
ORsambasambaMatch1.9.18p3
ORsambasambaMatch1.9.18p4
ORsambasambaMatch1.9.18p5
ORsambasambaMatch1.9.18p6
ORsambasambaMatch1.9.18p7
ORsambasambaMatch1.9.18p8
ORsambasambaMatch2.0
ORsambasambaMatch2.0.0
ORsambasambaMatch2.0.1
ORsambasambaMatch2.0.2
ORsambasambaMatch2.0.3
ORsambasambaMatch2.0.4
ORsambasambaMatch2.0.5
ORsambasambaMatch2.0.5a
ORsambasambaMatch2.0.5a
ORsambasambaMatch2.0.6
ORsambasambaMatch2.0.7
ORsambasambaMatch2.0.8
ORsambasambaMatch2.0.9
ORsambasambaMatch2.0.10
ORsambasambaMatch2.2a
ORsambasambaMatch2.2.0
ORsambasambaMatch2.2.0a
ORsambasambaMatch2.2.0a
ORsambasambaMatch2.2.1
ORsambasambaMatch2.2.1a
ORsambasambaMatch2.2.1a
ORsambasambaMatch2.2.2
ORsambasambaMatch2.2.3
ORsambasambaMatch2.2.3a
ORsambasambaMatch2.2.3a
ORsambasambaMatch2.2.4
ORsambasambaMatch2.2.5
ORsambasambaMatch2.2.6
ORsambasambaMatch2.2.7
ORsambasambaMatch2.2.7a
ORsambasambaMatch2.2.7a
ORsambasambaMatch2.2.8
ORsambasambaMatch2.2.8a
ORsambasambaMatch2.2.8a
ORsambasambaMatch2.2.9
ORsambasambaMatch2.2.10
ORsambasambaMatch2.2.11
ORsambasambaMatch2.2.12
ORsambasambaMatch2.2a
ORsambasambaMatch2.18.3
ORsambasambaMatch3.0.0
ORsambasambaMatch3.0.1
ORsambasambaMatch3.0.2
ORsambasambaMatch3.0.2a
ORsambasambaMatch3.0.2a
ORsambasambaMatch3.0.3
ORsambasambaMatch3.0.4
ORsambasambaMatch3.0.4rc1
ORsambasambaMatch3.0.5
ORsambasambaMatch3.0.6
ORsambasambaMatch3.0.7
ORsambasambaMatch3.0.8
ORsambasambaMatch3.0.9
ORsambasambaMatch3.0.10
ORsambasambaMatch3.0.11
ORsambasambaMatch3.0.12
ORsambasambaMatch3.0.13
ORsambasambaMatch3.0.14
ORsambasambaMatch3.0.14a
ORsambasambaMatch3.0.14a
ORsambasambaMatch3.0.15
ORsambasambaMatch3.0.16
ORsambasambaMatch3.0.17
ORsambasambaMatch3.0.18
ORsambasambaMatch3.0.19
ORsambasambaMatch3.0.20
ORsambasambaMatch3.0.20a
ORsambasambaMatch3.0.20b
ORsambasambaMatch3.0.20a
ORsambasambaMatch3.0.20b
ORsambasambaMatch3.0.21
ORsambasambaMatch3.0.21a
ORsambasambaMatch3.0.21b
ORsambasambaMatch3.0.21c
ORsambasambaMatch3.0.21a
ORsambasambaMatch3.0.21b
ORsambasambaMatch3.0.21c
ORsambasambaMatch3.0.22
ORsambasambaMatch3.0.23
ORsambasambaMatch3.0.23a
ORsambasambaMatch3.0.23b
ORsambasambaMatch3.0.23c
ORsambasambaMatch3.0.23d
ORsambasambaMatch3.0.23a
ORsambasambaMatch3.0.23b
ORsambasambaMatch3.0.23c
ORsambasambaMatch3.0.23d
ORsambasambaMatch3.0.24
ORsambasambaMatch3.0.25
ORsambasambaMatch3.0.25a
ORsambasambaMatch3.0.25b
ORsambasambaMatch3.0.25c
ORsambasambaMatch3.0.25pre1
ORsambasambaMatch3.0.25pre2
ORsambasambaMatch3.0.25rc1
ORsambasambaMatch3.0.25rc2
ORsambasambaMatch3.0.25rc3
ORsambasambaMatch3.0.25a
ORsambasambaMatch3.0.25b
ORsambasambaMatch3.0.25c
ORsambasambaMatch3.0.26
ORsambasambaMatch3.0.26a
ORsambasambaMatch3.0.26a
ORsambasambaMatch3.0.27
ORsambasambaMatch3.0.27a
ORsambasambaMatch3.0.28
ORsambasambaMatch3.0.28a
ORsambasambaMatch3.0.29
ORsambasambaMatch3.0.30
ORsambasambaMatch3.0.31
ORsambasambaMatch3.0.32
ORsambasambaMatch3.0.33
ORsambasambaMatch3.0.34
ORsambasambaMatch3.0.35
ORsambasambaMatch3.0.36
ORsambasambaMatch3.0.37
ORsambasambaMatch3.1.0
ORsambasambaMatch3.2.0
ORsambasambaMatch3.2.1
ORsambasambaMatch3.2.2
ORsambasambaMatch3.2.3
ORsambasambaMatch3.2.4
ORsambasambaMatch3.2.5
ORsambasambaMatch3.2.6
ORsambasambaMatch3.2.7
ORsambasambaMatch3.2.8
ORsambasambaMatch3.2.9
ORsambasambaMatch3.2.10
ORsambasambaMatch3.2.11
ORsambasambaMatch3.2.12
ORsambasambaMatch3.2.13
ORsambasambaMatch3.2.14
ORsambasambaMatch3.2.15
ORsambasambaMatch3.3.0
ORsambasambaMatch3.3.1
ORsambasambaMatch3.3.2
ORsambasambaMatch3.3.3
ORsambasambaMatch3.3.4
ORsambasambaMatch3.3.5
ORsambasambaMatch3.3.6
ORsambasambaMatch3.3.7
ORsambasambaMatch3.3.8
ORsambasambaMatch3.3.9
ORsambasambaMatch3.3.10
ORsambasambaMatch3.3.11
ORsambasambaMatch3.3.12
ORsambasambaMatch3.3.13
ORsambasambaMatch3.3.14
ORsambasambaMatch3.3.15
ORsambasambaMatch3.3.16
ORsambasambaMatch3.4.0
ORsambasambaMatch3.4.1
ORsambasambaMatch3.4.2
ORsambasambaMatch3.4.3
ORsambasambaMatch3.4.4
ORsambasambaMatch3.4.5
ORsambasambaMatch3.4.6
ORsambasambaMatch3.4.7
ORsambasambaMatch3.4.8
ORsambasambaMatch3.4.9
ORsambasambaMatch3.4.10
ORsambasambaMatch3.4.11
ORsambasambaMatch3.4.12
ORsambasambaMatch3.4.13
ORsambasambaMatch3.4.14
ORsambasambaMatch3.5.0
ORsambasambaMatch3.5.1
ORsambasambaMatch3.5.2
ORsambasambaMatch3.5.3
ORsambasambaMatch3.5.4
ORsambasambaMatch3.5.5
ORsambasambaMatch3.5.6
ORsambasambaMatch3.5.7
ORsambasambaMatch3.5.8
ORsambasambaMatch3.5.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| samba | samba | * | cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* |
| samba | samba | 1.9.17 | cpe:2.3:a:samba:samba:1.9.17:*:*:*:*:*:*:* |
| samba | samba | 1.9.17 | cpe:2.3:a:samba:samba:1.9.17:p1:*:*:*:*:*:* |
| samba | samba | 1.9.17 | cpe:2.3:a:samba:samba:1.9.17:p2:*:*:*:*:*:* |
| samba | samba | 1.9.17 | cpe:2.3:a:samba:samba:1.9.17:p3:*:*:*:*:*:* |
| samba | samba | 1.9.17 | cpe:2.3:a:samba:samba:1.9.17:p4:*:*:*:*:*:* |
| samba | samba | 1.9.17 | cpe:2.3:a:samba:samba:1.9.17:p5:*:*:*:*:*:* |
| samba | samba | 1.9.18 | cpe:2.3:a:samba:samba:1.9.18:*:*:*:*:*:*:* |
| samba | samba | 1.9.18 | cpe:2.3:a:samba:samba:1.9.18:p1:*:*:*:*:*:* |
| samba | samba | 1.9.18 | cpe:2.3:a:samba:samba:1.9.18:p10:*:*:*:*:*:* |
References
comments.gmane.org/gmane.linux.kernel.cifs/3827
git.samba.org/?p=cifs-utils.git%3Ba=commit%3Bh=1e7a32924b22d1f786b6f490ce8590656f578f91
openwall.com/lists/oss-security/2011/07/29/9
secunia.com/advisories/45798
www.mandriva.com/security/advisories?name=MDVSA-2011:148
www.redhat.com/support/errata/RHSA-2011-1220.html
www.redhat.com/support/errata/RHSA-2011-1221.html
www.securitytracker.com/id?1025984
bugzilla.redhat.com/show_bug.cgi?id=726691
Related
fedora
fedora
[SECURITY] Fedora 14 Update: cifs-utils-4.8.1-7.fc14
2011-08-09 01:29:26
[SECURITY] Fedora 16 Update: cifs-utils-5.0-2.fc16
2011-08-22 15:29:48
[SECURITY] Fedora 15 Update: cifs-utils-5.0-2.fc15
2011-08-09 01:35:06
debiancve
debiancve
CVE-2011-2724
2011-09-06 16:55:10
CVE-2010-0547
2010-02-04 20:15:24
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:02:27
Denial Of Service (DoS)
2020-04-10 00:51:48
openvas
openvas
Samba 'client/mount.cifs.c' Remote Denial of Service Vulnerability
2010-02-22 00:00:00
Fedora Update for cifs-utils FEDORA-2011-10028
2012-03-19 00:00:00
Fedora Update for cifs-utils FEDORA-2011-9847
2011-08-12 00:00:00
cvelist
cvelist
CVE-2011-2724
2011-09-06 16:00:00
CVE-2010-0547
2010-02-04 18:00:00
nessus
nessus
Fedora 15 : cifs-utils-5.0-2.fc15 (2011-9831)
2011-08-09 00:00:00
Fedora 16 : cifs-utils-5.0-2.fc16 (2011-10028)
2011-08-23 00:00:00
Fedora 14 : cifs-utils-4.8.1-7.fc14 (2011-9847)
2011-08-09 00:00:00
prion
prion
Path traversal
2011-09-06 16:55:00
Path traversal
2010-02-04 20:15:00
ubuntucve
ubuntucve
CVE-2011-2724
2011-09-06 00:00:00
CVE-2010-0547
2010-02-04 00:00:00
cve
cve
CVE-2011-2724
2011-09-06 16:55:10
CVE-2010-0547
2010-02-04 20:15:24
centos
centos
samba3x security update
2011-09-01 16:12:20
libsmbclient, samba security update
2011-08-29 21:13:06
altlinux
altlinux
Security fix for the ALT Linux 6 package samba version 3.5.10-alt2
2011-08-01 00:00:00
redhat
redhat
(RHSA-2011:1220) Moderate: samba3x security update
2011-08-29 00:00:00
(RHSA-2011:1221) Moderate: samba and cifs-utils security and bug fix update
2011-08-29 00:00:00
(RHSA-2011:1219) Moderate: samba security update
2011-08-29 00:00:00
seebug
seebug
Samba 3.4.5 client/mount.cifs.c本地拒绝服务漏洞
2010-05-06 00:00:00
nvd
nvd
CVE-2010-0547
2010-02-04 20:15:24
ubuntu
ubuntu
cifs-utils vulnerabilities
2011-10-04 00:00:00
Samba vulnerabilities
2011-10-04 00:00:00
debian
debian
[SECURITY] [DSA 2004-1] New samba packages fix several vulnerabilities
2010-02-28 21:55:00
oraclelinux
oraclelinux
samba security update
2011-08-29 00:00:00
samba security, bug fix, and enhancement update
2012-03-01 00:00:00
samba3x security update
2011-08-29 00:00:00
gentoo
gentoo
mount-cifs: Multiple vulnerabilites
2012-06-25 00:00:00
Samba: Multiple vulnerabilities
2012-06-24 00:00:00
securityvulns
securityvulns
[USN-1226-1] Samba vulnerabilities
2011-10-16 00:00:00
Samba security vulnerabilities
2011-10-16 00:00:00
osv
osv
samba - several vulnerabilities
2010-02-28 00:00:00
cifs-utils-6.5-1.5 on GA media
2024-06-15 00:00:00
ctdb-4.5.0-1.1 on GA media
2024-06-15 00:00:00
vmware
vmware
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00
CVSS2
1.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:N/I:N/A:P
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
39.6%
Related for NVD:CVE-2011-2724