Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:19816
HistoryJun 18, 2010 - 12:00 a.m.

Samba SMB1报文链接远程内存破坏漏洞

2010-06-1800:00:00
Root
www.seebug.org
18

0.972 High

EPSS

Percentile

99.8%

JSON

BUGTRAQ ID: 40884
CVE ID: CVE-2010-2063

Samba是一套实现SMB(Server Messages Block)协议、跨平台进行文件共享和打印共享服务的程序。

Samba中负责处理链接起SMB1报文的代码没有正确地验证客户端所提供的输入字段,恶意客户端可以向Samba服务器发送特制的SMB报文触发堆内存破坏,导致以Samba服务器(smbd)的权限执行任意代码。利用这个漏洞无需认证,且samba的默认配置便受这个漏洞影响。

Samba 3.0.x - 3.3.12
厂商补丁:

RedHat

RedHat已经为此发布了一个安全公告(RHSA-2010:0488-01)以及相应补丁:
RHSA-2010:0488-01:Critical: samba and samba3x security update
链接:https://www.redhat.com/support/errata/RHSA-2010-0488.html

Samba

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.samba.org/samba/security/

Related

securityvulns 2
nessus 19
veracode 1
osv 1
slackware 1
debian 1
openvas 25
f5 2
cve 1
prion 1
altlinux 1
oraclelinux 1
packetstorm 1
centos 1
redhat 1
debiancve 1
ubuntu 1
checkpoint_advisories 1
ubuntucve 1
samba 1
suse 2
vmware 2
seebug 1
gentoo 1
securityvulns
securityvulns
iDefense Security Advisory 06.16.10: Samba 3.3.12 Memory Corruption Vulnerability
2010-06-20 00:00:00
Samba buffer overflow
2010-06-20 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : samba (MDVSA-2010:119)
2010-06-18 00:00:00
Scientific Linux Security Update : samba and samba3x on SL5.x i386/x86_64
2012-08-01 00:00:00
Oracle Linux 3 / 4 / 5 : samba / samba3x (ELSA-2010-0488)
2013-07-12 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:49:16
osv
osv
samba - arbitrary code execution
2010-06-16 00:00:00
slackware
slackware
[slackware-security] samba
2010-06-18 21:10:09
debian
debian
[SECURITY] [DSA 2061-1] New samba packages fix arbitrary code execution
2010-06-16 20:40:50
openvas
openvas
Oracle: Security Advisory (ELSA-2010-0488)
2015-10-06 00:00:00
Mandriva Update for samba MDVSA-2010:119 (samba)
2010-06-18 00:00:00
Mandriva Update for mmc-wizard MDVA-2010:119 (mmc-wizard)
2010-04-19 00:00:00
f5
f5
K11720 : Samba server vulnerability CVE-2010-2063
2013-07-05 00:00:00
SOL11720 - Samba server vulnerability CVE-2010-2063
2010-06-21 00:00:00
cve
cve
CVE-2010-2063
2010-06-17 16:30:00
prion
prion
Buffer overflow
2010-06-17 16:30:00
altlinux
altlinux
Security fix for the ALT Linux 5 package samba version 3.0.37-alt2.M50P.1
2010-06-16 00:00:00
oraclelinux
oraclelinux
samba and samba3x security update
2010-06-16 00:00:00
packetstorm
packetstorm
Samba chain_reply Memory Corruption (Linux x86)
2010-07-17 00:00:00
centos
centos
libsmbclient, libtalloc, libtdb, samba, samba3x, tdb security update
2010-06-19 11:45:05
redhat
redhat
(RHSA-2010:0488) Critical: samba and samba3x security update
2010-06-16 00:00:00
debiancve
debiancve
CVE-2010-2063
2010-06-17 16:30:00
ubuntu
ubuntu
Samba vulnerability
2010-06-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Update Protection against SAMBA SMBI Packets Chaining Memory Corruption
2010-08-06 00:00:00
ubuntucve
ubuntucve
CVE-2010-2063
2010-06-16 00:00:00
samba
samba
Memory Corruption Vulnerability
2010-06-16 00:00:00
suse
suse
potential remote code execution in samba
2010-07-01 11:11:15
Security update for Samba (critical)
2012-03-09 17:08:16
vmware
vmware
VMware ESX third party updates for Service Console
2010-08-31 00:00:00
VMware ESX third party updates for Service Console
2010-08-31 00:00:00
seebug
seebug
VMware ESX Service Console多个安全漏洞
2012-01-13 00:00:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2012-06-24 00:00:00

0.972 High

EPSS

Percentile

99.8%

JSON
Related for SSV:19816
securityvulns2nessus19veracode1osv1slackware1debian1openvas25f52cve1prion1altlinux1oraclelinux1packetstorm1centos1redhat1debiancve1ubuntu1checkpoint_advisories1ubuntucve1samba1suse2vmware2seebug1gentoo1