CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.5%
Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in
the file-sharing service on the BlackBerry PlayBook tablet before
2.0.0.7971 and other products, allows remote attackers to cause a denial of
service (daemon crash) or possibly execute arbitrary code via a Batched
(aka AndX) request that triggers infinite recursion.
Author | Note |
---|---|
mdeslaur | only affects samba < 3.4.0 |
btsc.webapps.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB29565
www.samba.org/samba/security/CVE-2012-0870.html
www.securityfocus.com/bid/52103
launchpad.net/bugs/cve/CVE-2012-0870
nvd.nist.gov/vuln/detail/CVE-2012-0870
security-tracker.debian.org/tracker/CVE-2012-0870
ubuntu.com/security/notices/USN-1374-1
www.cve.org/CVERecord?id=CVE-2012-0870