Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2009-1886
HistoryJun 25, 2009 - 12:00 a.m.

CVE-2009-1886

2009-06-2500:00:00
ubuntu.com
ubuntu.com
10

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.8%

JSON

Multiple format string vulnerabilities in client/client.c in smbclient in
Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to
execute arbitrary code via format string specifiers in a filename.

Notes

Author Note
jdstrand priority low as the vulnerability is reduced to denial of service due to compiler hardening does not affect 3.0 or 3.3
mdeslaur confirmed trapped by compiler hardening, although could still be a DoS for tools that use smbclient in an automated way, so marking as low priority
OSVersionArchitecturePackageVersionFilename
ubuntu8.10noarchsamba< 2:3.2.3-1ubuntu3.6UNKNOWN

Related

cve 1
openvas 15
prion 1
debiancve 1
samba 1
slackware 1
osv 1
seebug 1
securityvulns 2
nessus 9
debian 1
ubuntu 1
suse 1
cve
cve
CVE-2009-1886
2009-06-25 01:30:00
openvas
openvas
Samba Format String Vulnerability
2009-06-30 00:00:00
SLES10: Security update for Samba
2009-10-13 00:00:00
SLES11: Security update for Samba
2009-10-11 00:00:00
prion
prion
Format string
2009-06-25 01:30:00
debiancve
debiancve
CVE-2009-1886
2009-06-25 01:30:00
samba
samba
Formatstring vulnerability in smbclient
2009-06-23 00:00:00
slackware
slackware
samba
2009-06-27 01:39:28
osv
osv
samba - several vulnerabilities
2009-06-25 00:00:00
seebug
seebug
Samba格式串和安全绕过漏洞
2009-06-25 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1823-1] New samba packages fix several vulnerabilities
2009-06-26 00:00:00
Samba security vulnerabilities
2009-06-26 00:00:00
nessus
nessus
openSUSE Security Update : cifs-mount (cifs-mount-1036)
2009-07-21 00:00:00
Debian DSA-1823-1 : samba - several vulnerabilities
2009-06-30 00:00:00
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / current : samba (SSA:2009-177-01)
2009-06-28 00:00:00
debian
debian
[SECURITY] [DSA 1823-1] New samba packages fix several vulnerabilities
2009-06-25 19:08:42
ubuntu
ubuntu
Samba vulnerabilities
2009-10-01 00:00:00
suse
suse
remote code execution in dhcp-client
2009-07-15 16:27:03

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.8%

JSON
Related for UB:CVE-2009-1886
cve1openvas15prion1debiancve1samba1slackware1osv1seebug1securityvulns2nessus9debian1ubuntu1suse1