[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-0547Date: (C)2010-02-04   (M)2023-12-22


client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.1
Exploit Score: 3.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
BID-38326
SECUNIA-39317
ADV-2010-1062
GLSA-201206-29
MDVSA-2010:090
SUSE-SR:2010:008
SUSE-SR:2010:014
http://git.samba.org/?p=samba.git%3Ba=commit%3Bh=a065c177dfc8f968775593ba00dffafeebb2e054

CPE    121
cpe:/a:samba:samba:3.0.2a
cpe:/a:samba:samba:3.0.21a
cpe:/a:samba:samba:2.2.6
cpe:/a:samba:samba:2.2.7
...
CWE    1
CWE-20
OVAL    14
oval:org.secpod.oval:def:201583
oval:org.secpod.oval:def:201620
oval:org.secpod.oval:def:102834
oval:org.secpod.oval:def:500077
...

© SecPod Technologies