CVSS2: 7.5 High (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
EPSS: 0.915 High (Percentile: 98.9%)
CentOS Errata and Security Advisory CESA-2010:0698
Samba is a suite of programs used by machines to share files, printers, and
other information.

A missing array bounds check was found in the way Samba parsed the binary
representation of Windows security identifiers (SIDs). A malicious client
could send a specially crafted SMB request to the Samba server, resulting
in arbitrary code execution with the privileges of the Samba server (smbd).
(CVE-2010-3069)

Users of Samba are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing this
update, the smb service will be restarted automatically.
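
The class of check the advisory describes, shown as an added example (not Samba's code and not the backported patch): a parser for the standard binary SID layout that rejects a sub-authority count larger than the fixed array it fills. The names sid_parse_checked, struct sid and the SAMPLE_* inputs are hypothetical, and the sample bytes are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SID_MAX_SUB_AUTHS 15  /* capacity of the fixed in-memory array */

struct sid {                  /* hypothetical in-memory form */
    uint8_t  revision;
    uint8_t  num_auths;
    uint8_t  id_auth[6];
    uint32_t sub_auths[SID_MAX_SUB_AUTHS];
};

/* Wire layout: revision(1) | count(1) | authority(6) | count * uint32 (LE).
 * Returns false on malformed input instead of writing past sub_auths[]. */
bool sid_parse_checked(const uint8_t *buf, size_t len, struct sid *out)
{
    if (buf == NULL || out == NULL || len < 8)
        return false;                     /* fixed header is 8 bytes */
    uint8_t count = buf[1];               /* taken from the client's bytes */
    if (count > SID_MAX_SUB_AUTHS)
        return false;                     /* the array bounds check */
    if (len < 8 + 4 * (size_t)count)
        return false;                     /* input shorter than it claims */
    out->revision  = buf[0];
    out->num_auths = count;
    for (size_t i = 0; i < 6; i++)
        out->id_auth[i] = buf[2 + i];
    for (size_t i = 0; i < count; i++) {
        const uint8_t *p = buf + 8 + 4 * i;
        out->sub_auths[i] = (uint32_t)p[0] | (uint32_t)p[1] << 8 |
                            (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
    }
    return true;
}

/* Constructed inputs: S-1-5-32-544, and a SID claiming 16 sub-authorities. */
static const uint8_t SAMPLE_OK[] = {1, 2, 0, 0, 0, 0, 0, 5,
                                    32, 0, 0, 0, 0x20, 0x02, 0, 0};
static const uint8_t SAMPLE_OVER[8 + 4 * 16] = {1, 16, 0, 0, 0, 0, 0, 5};

int main(void)
{
    struct sid s;
    printf("valid SID accepted: %d\n",
           sid_parse_checked(SAMPLE_OK, sizeof SAMPLE_OK, &s));
    printf("oversized count accepted: %d\n",
           sid_parse_checked(SAMPLE_OVER, sizeof SAMPLE_OVER, &s));
    return 0;
}
```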
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-September/079166.html
https://lists.centos.org/pipermail/centos-announce/2010-September/079167.html
Affected packages:
libtalloc
libtalloc-devel
libtdb
libtdb-devel
samba3x
samba3x-client
samba3x-common
samba3x-doc
samba3x-domainjoin-gui
samba3x-swat
samba3x-winbind
samba3x-winbind-devel
tdb-tools
Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0698
OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | i386 | libtalloc | < 1.2.0-52.el5_5.2 | libtalloc-1.2.0-52.el5_5.2.i386.rpm |
CentOS | 5 | i386 | libtalloc-devel | < 1.2.0-52.el5_5.2 | libtalloc-devel-1.2.0-52.el5_5.2.i386.rpm |
CentOS | 5 | i386 | libtdb | < 1.1.2-52.el5_5.2 | libtdb-1.1.2-52.el5_5.2.i386.rpm |
CentOS | 5 | i386 | libtdb-devel | < 1.1.2-52.el5_5.2 | libtdb-devel-1.1.2-52.el5_5.2.i386.rpm |
CentOS | 5 | i386 | samba3x | < 3.3.8-0.52.el5_5.2 | samba3x-3.3.8-0.52.el5_5.2.i386.rpm |
CentOS | 5 | i386 | samba3x-client | < 3.3.8-0.52.el5_5.2 | samba3x-client-3.3.8-0.52.el5_5.2.i386.rpm |
CentOS | 5 | i386 | samba3x-common | < 3.3.8-0.52.el5_5.2 | samba3x-common-3.3.8-0.52.el5_5.2.i386.rpm |
CentOS | 5 | i386 | samba3x-doc | < 3.3.8-0.52.el5_5.2 | samba3x-doc-3.3.8-0.52.el5_5.2.i386.rpm |
CentOS | 5 | i386 | samba3x-domainjoin-gui | < 3.3.8-0.52.el5_5.2 | samba3x-domainjoin-gui-3.3.8-0.52.el5_5.2.i386.rpm |
CentOS | 5 | i386 | samba3x-swat | < 3.3.8-0.52.el5_5.2 | samba3x-swat-3.3.8-0.52.el5_5.2.i386.rpm |