2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
24.1%
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | samba | < 2:3.4.5~dfsg-2 | samba_2:3.4.5~dfsg-2_all.deb |
Debian | 11 | all | samba | < 2:3.4.5~dfsg-2 | samba_2:3.4.5~dfsg-2_all.deb |
Debian | 10 | all | samba | < 2:3.4.5~dfsg-2 | samba_2:3.4.5~dfsg-2_all.deb |
Debian | 999 | all | samba | < 2:3.4.5~dfsg-2 | samba_2:3.4.5~dfsg-2_all.deb |
Debian | 13 | all | samba | < 2:3.4.5~dfsg-2 | samba_2:3.4.5~dfsg-2_all.deb |