Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
sambaSamba SecuritySAMBA:CVE-2012-0870
HistoryFeb 23, 2012 - 12:00 a.m.

Remote code execution vulnerability in smbd

2012-02-2300:00:00
Samba Security
www.samba.org
77

7.9 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:C/I:C/A:C

0.959 High

EPSS

Percentile

99.4%

JSON

Description

Samba versions up to 3.4.0 do not ensure that AndX offsets of the smb daemon
(smbd) are increasing strictly monotonically.

Therefore a remote code execution vulnerability exists in the smbd service.
A remote attacker could use the vulnerability to launch an exploit over a
network connection.

Workaround

None.

Patch Availability

A patch addressing this defect has been posted to

http://www.samba.org/samba/security/

As all pre-3.4.0 versions are discontinued at least since August 9, 2011 even
for security patches, the patches are provided as an extra service to our
community, users, and vendors.

Credits

The vulnerability was discovered by Andy Davis of NGS Secure¹ and reported to
Research In Motion².

The patches were written by Volker Lendecke of the Samba Team.

References

¹ http://www.ngssecure.com/research/research-overview.aspx
² http://www.blackberry.com/btsc/KB29565

Related

openvas 20
suse 6
redhat 1
ubuntu 1
checkpoint_advisories 2
nessus 12
prion 1
securityvulns 4
cve 1
debiancve 1
veracode 1
oraclelinux 1
seebug 1
ubuntucve 1
centos 1
gentoo 1
openvas
openvas
RedHat Update for samba RHSA-2012:0332-01
2012-02-27 00:00:00
CentOS Update for samba CESA-2012:0332 centos4
2012-07-30 00:00:00
Oracle: Security Advisory (ELSA-2012-0332)
2015-10-06 00:00:00
suse
suse
Security update for Samba (critical)
2012-03-08 19:08:17
Security update for Samba (critical)
2012-03-08 19:08:22
update for samba (critical)
2012-04-16 15:08:16
redhat
redhat
(RHSA-2012:0332) Critical: samba security update
2012-02-23 00:00:00
ubuntu
ubuntu
Samba vulnerability
2012-02-24 00:00:00
checkpoint_advisories
checkpoint_advisories
Samba smbd Packets Infinite Loop Code Execution (CVE-2012-0870)
2012-05-14 00:00:00
Samba V3 Buffer Overflow - Ver2 (CVE-2012-0870)
2018-06-19 00:00:00
nessus
nessus
Scientific Linux Security Update : samba on SL4.x i386/x86_64 (20120223)
2012-08-01 00:00:00
SuSE 10 Security Update : Samba (ZYPP Patch Number 7985)
2012-03-09 00:00:00
RHEL 4 / 5 : samba (RHSA-2012:0332)
2012-02-24 00:00:00
prion
prion
Heap overflow
2012-02-23 12:33:00
securityvulns
securityvulns
Samba DoS
2012-03-09 00:00:00
[ MDVSA-2012:025 ] samba
2012-03-09 00:00:00
NGS00237 Patch Notification: Samba Andx request Remote Code Execution
2012-03-09 00:00:00
cve
cve
CVE-2012-0870
2012-02-23 12:33:00
debiancve
debiancve
CVE-2012-0870
2012-02-23 12:33:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:11:33
oraclelinux
oraclelinux
samba security update
2012-02-28 00:00:00
seebug
seebug
Samba 'AndX'请求堆缓冲区溢出漏洞(CVE-2012-0870)
2012-02-28 00:00:00
ubuntucve
ubuntucve
CVE-2012-0870
2012-02-23 00:00:00
centos
centos
samba security update
2012-02-24 00:06:51
gentoo
gentoo
Samba: Multiple vulnerabilities
2012-06-24 00:00:00

7.9 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:C/I:C/A:C

0.959 High

EPSS

Percentile

99.4%

JSON
Related for SAMBA:CVE-2012-0870
openvas20suse6redhat1ubuntu1checkpoint_advisories2nessus12prion1securityvulns4cve1debiancve1veracode1oraclelinux1seebug1ubuntucve1centos1gentoo1