Lucene search

K

Veracode Vulnerability DatabaseVERACODE:24705

HistoryApr 10, 2020 - 1:02 a.m.

Denial Of Service (DoS)

2020-04-1001:02:27

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

19

EPSS

0.001

Percentile

39.6%

samba is vulnerable to denial of service. It was found that the fix for CVE-2010-0547, provided by the Samba rebase in RHBA-2011:0054, was incomplete. The mount.cifs tool did not properly handle share or directory names containing a newline character, allowing a local attacker to corrupt the mtab (mounted file systems table) file via a specially-crafted CIFS (Common Internet File System) share mount request, if mount.cifs had the setuid bit set.

References

comments.gmane.org/gmane.linux.kernel.cifs/3827

git.samba.org/?p=cifs-utils.git%3Ba=commit%3Bh=1e7a32924b22d1f786b6f490ce8590656f578f91

git.samba.org/?p=cifs-utils.git;a=commit;h=1e7a32924b22d1f786b6f490ce8590656f578f91

openwall.com/lists/oss-security/2011/07/29/9

secunia.com/advisories/45798

www.mandriva.com/security/advisories?name=MDVSA-2011:148

www.redhat.com/support/errata/RHSA-2011-1220.html

www.redhat.com/support/errata/RHSA-2011-1221.html

www.securitytracker.com/id?1025984

access.redhat.com/errata/RHSA-2011:1220

access.redhat.com/security/updates/classification/#moderate

bugzilla.redhat.com/show_bug.cgi?id=726691

EPSS

0.001

Percentile

39.6%

Related for VERACODE:24705

fedora3 debiancve2 nvd2 openvas49 cvelist2 nessus30 prion2 ubuntucve2 cve2 centos2 altlinux1 redhat3 veracode1 seebug1 ubuntu2 gentoo2 debian1 oraclelinux4 securityvulns2 osv3 vmware2