7.9 High
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:C/I:C/A:C
0.959 High
EPSS
Percentile
99.4%
Samba versions up to 3.4.0 do not ensure that AndX offsets of the smb daemon
(smbd) are increasing strictly monotonically.
Therefore a remote code execution vulnerability exists in the smbd service.
A remote attacker could use the vulnerability to launch an exploit over a
network connection.
None.
A patch addressing this defect has been posted to
http://www.samba.org/samba/security/
As all pre-3.4.0 versions are discontinued at least since August 9, 2011 even
for security patches, the patches are provided as an extra service to our
community, users, and vendors.
The vulnerability was discovered by Andy Davis of NGS Secure¹ and reported to
Research In Motion².
The patches were written by Volker Lendecke of the Samba Team.
¹ http://www.ngssecure.com/research/research-overview.aspx
² http://www.blackberry.com/btsc/KB29565