Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:11701
HistoryJun 25, 2009 - 12:00 a.m.

Samba格式串和安全绕过漏洞

2009-06-2500:00:00
Root
www.seebug.org
35

0.017 Low

EPSS

Percentile

86.5%

JSON

Bugraq ID: 35472
CVE ID:CVE-2009-1888
CVE-2009-1886
CNCVE ID:CNCVE-20091888
CNCVE-20091886

Samba是一款实现SMB协议、跨平台进行文件共享和打印共享服务的程序。
Samba存在格式串和安全绕过问题,远程攻击者可以利用漏洞以应用程序权限执行任意指令。
-Samba 3.0.31 - 3.3.5中的smbd守护程序包含一个未初始化数据值读取问题,可影响访问控制。如果用户尝试修改访问拒绝权限的控制列表时,如果在smb.conf中设置"dos filemode"参数值为"yes",那么可越过这个拒绝权限制约,用户可对文件进行写访问。错误发生在针对写访问的检查过程中,读取的未初始化内存可代替文件’stat’结构的值。
-Samba 3.2.0 - 3.2.12包含的smbclient工具处理文件名时存在格式串错误:
smb: > put aa%3Fbb
putting file aa%3Fbb as \aa0,000000bb (0,0 kb/s) (average 0,0 kb/s)
很明显"aa%3Fbb"被解析成格式串,使用特殊构建的文件名,可触发格式串错误,导致内存破坏。

Samba Samba 3.3.5
Samba Samba 3.2.12
Samba Samba 3.2.5
Samba Samba 3.2.4
Samba Samba 3.2.3
Samba Samba 3.2.2
Samba Samba 3.2.1
Samba Samba 3.2
Samba Samba 3.0.34
Samba Samba 3.0.33
Samba Samba 3.0.32
Samba Samba 3.0.30

Related

slackware 1
osv 1
openvas 29
securityvulns 2
nessus 43
debian 1
cve 2
samba 2
ubuntucve 2
ubuntu 1
debiancve 2
prion 2
veracode 1
redhat 2
centos 1
oraclelinux 1
suse 1
vmware 2
slackware
slackware
samba
2009-06-27 01:39:28
osv
osv
samba - several vulnerabilities
2009-06-25 00:00:00
openvas
openvas
SLES10: Security update for Samba
2009-10-13 00:00:00
SLES11: Security update for Samba
2009-10-11 00:00:00
Debian Security Advisory DSA 1823-1 (samba)
2009-06-30 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1823-1] New samba packages fix several vulnerabilities
2009-06-26 00:00:00
Samba security vulnerabilities
2009-06-26 00:00:00
nessus
nessus
openSUSE Security Update : cifs-mount (cifs-mount-1036)
2009-07-21 00:00:00
Debian DSA-1823-1 : samba - several vulnerabilities
2009-06-30 00:00:00
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / current : samba (SSA:2009-177-01)
2009-06-28 00:00:00
debian
debian
[SECURITY] [DSA 1823-1] New samba packages fix several vulnerabilities
2009-06-25 19:08:42
cve
cve
CVE-2009-1886
2009-06-25 01:30:00
CVE-2009-1888
2009-06-25 01:30:00
samba
samba
Uninitialized read of a data value
2009-06-23 00:00:00
Formatstring vulnerability in smbclient
2009-06-23 00:00:00
ubuntucve
ubuntucve
CVE-2009-1888
2009-06-25 00:00:00
CVE-2009-1886
2009-06-25 00:00:00
ubuntu
ubuntu
Samba vulnerabilities
2009-10-01 00:00:00
debiancve
debiancve
CVE-2009-1888
2009-06-25 01:30:00
CVE-2009-1886
2009-06-25 01:30:00
prion
prion
Code injection
2009-06-25 01:30:00
Format string
2009-06-25 01:30:00
veracode
veracode
Unauthorized Access Control Modification
2020-04-10 00:39:56
redhat
redhat
(RHSA-2009:1585) Moderate: samba3x security and bug fix update
2009-11-16 00:00:00
(RHSA-2009:1529) Moderate: samba security update
2009-10-27 00:00:00
centos
centos
samba security update
2009-10-27 19:23:21
oraclelinux
oraclelinux
samba security update
2009-10-27 00:00:00
suse
suse
remote code execution in dhcp-client
2009-07-15 16:27:03
vmware
vmware
ESX Service Console updates for samba and acpid
2010-04-01 00:00:00
ESX Service Console updates for samba and acpid
2010-04-01 00:00:00

0.017 Low

EPSS

Percentile

86.5%

JSON
Related for SSV:11701
slackware1osv1openvas29securityvulns2nessus43debian1cve2samba2ubuntucve2ubuntu1debiancve2prion2veracode1redhat2centos1oraclelinux1suse1vmware2