Lucene search
UbuntuUSN-1374-1HistoryFeb 24, 2012 - 12:00 a.m.
Samba vulnerability
2012-02-2400:00:00
ubuntu.com
45
CVSS2
7.9
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.958
Percentile
99.5%
Releases
- Ubuntu 8.04
Packages
- samba - SMB/CIFS file, print, and login server for Unix
Details
Andy Davis discovered that Samba incorrectly handled certain AndX offsets.
A remote attacker could send a specially crafted request to the server and
cause a denial of service, or possibly execute arbitrary code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.04 | noarch | samba | <Β 3.0.28a-1ubuntu4.17 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libpam-smbpass | <Β 3.0.28a-1ubuntu4.17 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libsmbclient | <Β 3.0.28a-1ubuntu4.17 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libsmbclient-dev | <Β 3.0.28a-1ubuntu4.17 | UNKNOWN |
| Ubuntu | 8.04 | noarch | samba-common | <Β 3.0.28a-1ubuntu4.17 | UNKNOWN |
| Ubuntu | 8.04 | noarch | samba-dbg | <Β 3.0.28a-1ubuntu4.17 | UNKNOWN |
| Ubuntu | 8.04 | noarch | smbclient | <Β 3.0.28a-1ubuntu4.17 | UNKNOWN |
| Ubuntu | 8.04 | noarch | smbfs | <Β 3.0.28a-1ubuntu4.17 | UNKNOWN |
| Ubuntu | 8.04 | noarch | swat | <Β 3.0.28a-1ubuntu4.17 | UNKNOWN |
| Ubuntu | 8.04 | noarch | winbind | <Β 3.0.28a-1ubuntu4.17 | UNKNOWN |
References
Related
checkpoint_advisories
checkpoint_advisories
Samba smbd Packets Infinite Loop Code Execution (CVE-2012-0870)
2012-05-14 00:00:00
Samba V3 Buffer Overflow - Ver2 (CVE-2012-0870)
2018-06-19 00:00:00
openvas
openvas
Mandriva Update for samba MDVSA-2012:025 (samba)
2012-03-07 00:00:00
Ubuntu: Security Advisory (USN-1374-1)
2012-03-09 00:00:00
Mandriva Update for samba MDVSA-2012:025 (samba)
2012-03-07 00:00:00
securityvulns
securityvulns
Samba DoS
2012-03-09 00:00:00
[ MDVSA-2012:025 ] samba
2012-03-09 00:00:00
NGS00237 Patch Notification: Samba Andx request Remote Code Execution
2012-03-09 00:00:00
nessus
nessus
SuSE 10 Security Update : Samba (ZYPP Patch Number 7985)
2012-03-09 00:00:00
Scientific Linux Security Update : samba on SL4.x i386/x86_64 (20120223)
2012-08-01 00:00:00
RHEL 4 / 5 : samba (RHSA-2012:0332)
2012-02-24 00:00:00
prion
prion
Heap overflow
2012-02-23 12:33:00
cve
cve
CVE-2012-0870
2012-02-23 12:33:55
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:11:33
cvelist
cvelist
CVE-2012-0870
2012-02-23 11:00:00
oraclelinux
oraclelinux
samba security update
2012-02-28 00:00:00
nvd
nvd
CVE-2012-0870
2012-02-23 12:33:55
redhat
redhat
(RHSA-2012:0332) Critical: samba security update
2012-02-23 00:00:00
suse
suse
Security update for Samba (critical)
2012-03-08 19:08:17
Security update for Samba (critical)
2012-03-08 19:08:22
update for samba (critical)
2012-04-16 15:08:16
ubuntucve
ubuntucve
CVE-2012-0870
2012-02-23 00:00:00
seebug
seebug
Samba 'AndX'θ―·ζ±ε ηΌε²εΊζΊ’εΊζΌζ΄(CVE-2012-0870)
2012-02-28 00:00:00
centos
centos
samba security update
2012-02-24 00:06:51
debiancve
debiancve
CVE-2012-0870
2012-02-23 12:33:55
samba
samba
Remote code execution vulnerability in smbd
2012-02-23 00:00:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2012-06-24 00:00:00
osv
osv
ctdb-4.5.0-1.1 on GA media
2024-06-15 00:00:00
CVSS2
7.9
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.958
Percentile
99.5%
Related for USN-1374-1