Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-893-1
HistoryJan 28, 2010 - 12:00 a.m.

Samba vulnerability

2010-01-2800:00:00
ubuntu.com
50

5.3 Medium

AI Score

Confidence

High

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.8%

JSON

Releases

  • Ubuntu 9.10
  • Ubuntu 9.04
  • Ubuntu 8.10
  • Ubuntu 8.04
  • Ubuntu 6.06

Packages

  • samba -

Details

Ronald Volgers discovered that the mount.cifs utility, when installed as a
setuid program, suffered from a race condition when verifying user
permissions. A local attacker could trick samba into mounting over
arbitrary locations, leading to a root privilege escalation.

OSVersionArchitecturePackageVersionFilename
Ubuntu9.10noarchsmbfs< 2:3.4.0-3ubuntu5.4UNKNOWN
Ubuntu9.10noarchlibpam-smbpass< 2:3.4.0-3ubuntu5.4UNKNOWN
Ubuntu9.10noarchlibsmbclient< 2:3.4.0-3ubuntu5.4UNKNOWN
Ubuntu9.10noarchlibsmbclient-dev< 2:3.4.0-3ubuntu5.4UNKNOWN
Ubuntu9.10noarchlibwbclient0< 2:3.4.0-3ubuntu5.4UNKNOWN
Ubuntu9.10noarchsamba< 2:3.4.0-3ubuntu5.4UNKNOWN
Ubuntu9.10noarchsamba-common-bin< 2:3.4.0-3ubuntu5.4UNKNOWN
Ubuntu9.10noarchsamba-dbg< 2:3.4.0-3ubuntu5.4UNKNOWN
Ubuntu9.10noarchsamba-tools< 2:3.4.0-3ubuntu5.4UNKNOWN
Ubuntu9.10noarchsmbclient< 2:3.4.0-3ubuntu5.4UNKNOWN
Rows per page:
1-10 of 571

Related

openvas 53
nessus 27
osv 1
cve 2
altlinux 2
seebug 1
fedora 9
debian 3
securityvulns 4
ubuntucve 1
prion 1
veracode 1
debiancve 1
ubuntu 1
suse 2
gentoo 1
redhat 1
centos 1
oraclelinux 2
vmware 2
openvas
openvas
Ubuntu: Security Advisory (USN-893-1)
2010-01-29 00:00:00
Samba 'mount.cifs' Utility Local Privilege Escalation Vulnerability
2010-01-29 00:00:00
Debian: Security Advisory (DSA-2004-1)
2010-03-16 00:00:00
nessus
nessus
Fedora 12 : samba-3.4.5-55.fc12 (2010-1218)
2010-07-01 00:00:00
Debian DSA-2004-1 : samba - several vulnerabilities
2010-03-02 00:00:00
Fedora 12 : samba-3.4.9-60.fc12 (2010-14678)
2010-09-16 00:00:00
osv
osv
samba - several vulnerabilities
2010-02-28 00:00:00
cve
cve
CVE-2009-3297
2010-03-02 18:30:00
CVE-2010-0787
2010-03-02 18:30:00
altlinux
altlinux
Security fix for the ALT Linux 5 package fuse version 2.8.2-alt1
2010-01-27 00:00:00
Security fix for the ALT Linux 6 package ncpfs version 2.2.6-alt9
2011-03-09 00:00:00
seebug
seebug
Samba 'mount.cifs'本地特权提升漏洞
2010-02-02 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: fuse-2.8.1-2.fc11
2010-02-01 01:08:01
[SECURITY] Fedora 12 Update: samba-3.4.5-55.fc12
2010-01-29 03:33:35
[SECURITY] Fedora 11 Update: ncpfs-2.2.6-12.fc11
2010-01-28 01:03:13
debian
debian
[SECURITY] [DSA-1989-1] New fuse packages fix denial of service
2010-02-02 22:57:09
[SECURITY] [DSA-1989-1] New fuse packages fix denial of service
2010-02-02 22:57:09
[SECURITY] [DSA 2004-1] New samba packages fix several vulnerabilities
2010-02-28 21:55:00
securityvulns
securityvulns
[USN-893-1] Samba vulnerability
2010-02-04 00:00:00
Samba race conditions
2010-02-04 00:00:00
ncpfs, Multiple Vulnerabilities
2010-03-11 00:00:00
ubuntucve
ubuntucve
CVE-2010-0787
2010-03-02 00:00:00
prion
prion
Directory traversal
2010-03-02 18:30:00
veracode
veracode
Symlink Attack
2020-04-10 00:51:48
debiancve
debiancve
CVE-2010-0787
2010-03-02 18:30:00
ubuntu
ubuntu
FUSE vulnerability
2010-01-28 00:00:00
suse
suse
potential remote code execution in samba
2010-07-01 11:11:15
Security update for Samba (critical)
2012-03-09 17:08:16
gentoo
gentoo
mount-cifs: Multiple vulnerabilites
2012-06-25 00:00:00
redhat
redhat
(RHSA-2011:1219) Moderate: samba security update
2011-08-29 00:00:00
centos
centos
libsmbclient, samba security update
2011-08-29 21:13:06
oraclelinux
oraclelinux
samba security update
2011-08-29 00:00:00
samba security, bug fix, and enhancement update
2012-03-01 00:00:00
vmware
vmware
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00

5.3 Medium

AI Score

Confidence

High

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.8%

JSON
Related for USN-893-1
openvas53nessus27osv1cve2altlinux2seebug1fedora9debian3securityvulns4ubuntucve1prion1veracode1debiancve1ubuntu1suse2gentoo1redhat1centos1oraclelinux2vmware2