Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:BSA-003-:A9953
HistorySep 30, 2010 - 9:38 a.m.

BSA-003 Security Update for samba

2010-09-3009:38:45
lists.debian.org
7

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.915 High

EPSS

Percentile

98.6%

JSON

Christian Perrier uploaded new packages for samba which fixed the
following security problems:

CVE-2010-3069
A vulnerability has been discovered in samba, a SMB/CIFS file,
print, and login server for Unix.

The sid_parse() function does not correctly check its input lengths
when reading a binary representation of a Windows SID (Security ID).
This allows a malicious client to send a sid that can overflow the
stack variable that is being used to store the SID in the Samba smbd
server.

For the lenny-backports distribution the problems have been fixed in
version 2:3.5.5~dfsg-1~bpo50+1.

Upgrade instructions

If you don't use pinning (see [1]) you have to update the package
manually via "apt-get -t lenny-backports install <packagelist>" with
the packagelist of your installed packages affected by this update.
[1] <http://backports.debian.org/Instructions&gt;

We recommend to pin the backports repository to 200 so that new
versions of installed backports will be installed automatically.

Package: *
Pin: release a=lenny-backports
Pin-Priority: 200

Related

openvas 39
nessus 33
checkpoint_advisories 1
osv 1
oraclelinux 4
altlinux 2
securityvulns 6
redhat 3
cve 1
veracode 1
debian 3
fedora 4
ubuntucve 1
samba 1
debiancve 1
centos 2
prion 1
slackware 1
ubuntu 1
vmware 2
suse 1
gentoo 1
openvas
openvas
CentOS Update for samba CESA-2010:0697 centos4 i386
2010-09-22 00:00:00
RedHat Update for samba3x RHSA-2010:0698-01
2010-09-22 00:00:00
CentOS Update for libtalloc CESA-2010:0698 centos5 i386
2011-08-09 00:00:00
nessus
nessus
openSUSE Security Update : ldapsmb (openSUSE-SU-2010:0653-1)
2014-06-13 00:00:00
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : samba vulnerability (USN-987-1)
2010-09-15 00:00:00
Oracle Linux 5 : samba3x (ELSA-2010-0698)
2013-07-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Samba SID Parsing Stack Buffer Overflow (CVE-2010-3069)
2010-11-15 00:00:00
osv
osv
samba - buffer overflow
2010-09-16 00:00:00
oraclelinux
oraclelinux
samba3x security update
2010-09-15 00:00:00
samba security update
2011-02-10 00:00:00
samba security and bug fix update
2010-09-14 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package samba version 3.5.5-alt1
2010-09-14 00:00:00
Security fix for the ALT Linux 5 package samba version 3.0.37-alt3.M50P.1
2010-09-13 00:00:00
securityvulns
securityvulns
SAMBA buffer overflow
2010-09-16 00:00:00
[USN-987-1] Samba vulnerability
2010-09-16 00:00:00
Apple Mac OS X multiple security vulnerabilities
2011-07-06 00:00:00
redhat
redhat
(RHSA-2010:0697) Critical: samba security and bug fix update
2010-09-14 00:00:00
(RHSA-2010:0698) Critical: samba3x security update
2010-09-14 00:00:00
(RHSA-2010:0860) Critical: samba security update
2010-11-10 00:00:00
cve
cve
CVE-2010-3069
2010-09-15 18:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:47:54
debian
debian
[SECURITY] [DSA-2109-1] New samba packages fix buffer overflow
2010-09-16 16:56:00
BSA-003 Security Update for samba
2010-09-30 05:47:13
[SECURITY] [DSA-2109-1] New samba packages fix buffer overflow
2010-09-16 16:56:00
fedora
fedora
[SECURITY] Fedora 14 Update: samba-3.5.5-68.fc14
2010-09-15 07:09:26
[SECURITY] Fedora 13 Update: samba-3.5.5-68.fc13
2010-09-15 05:22:12
[SECURITY] Fedora 13 Update: samba-3.5.8-74.fc13
2011-03-19 10:27:41
ubuntucve
ubuntucve
CVE-2010-3069
2010-09-14 00:00:00
samba
samba
Buffer Overrun Vulnerability
2010-09-14 00:00:00
debiancve
debiancve
CVE-2010-3069
2010-09-15 18:00:00
centos
centos
libtalloc, libtdb, samba3x, tdb security update
2010-09-15 22:42:24
libsmbclient, samba security update
2010-09-15 13:23:12
prion
prion
Stack overflow
2010-09-15 18:00:00
slackware
slackware
[slackware-security] samba
2010-09-15 03:39:16
ubuntu
ubuntu
Samba vulnerability
2010-09-14 00:00:00
vmware
vmware
VMware ESX third party updates for Service Console
2010-12-07 00:00:00
VMware ESX third party updates for Service Console
2010-12-07 00:00:00
suse
suse
Security update for Samba (critical)
2012-03-09 17:08:16
gentoo
gentoo
Samba: Multiple vulnerabilities
2012-06-24 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.915 High

EPSS

Percentile

98.6%

JSON
Related for DEBIAN:BSA-003-:A9953
openvas39nessus33checkpoint_advisories1osv1oraclelinux4altlinux2securityvulns6redhat3cve1veracode1debian3fedora4ubuntucve1samba1debiancve1centos2prion1slackware1ubuntu1vmware2suse1gentoo1