CVE-2011-2724

2011-09-0600:00:00

ubuntu.com

1.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

38.7%

JSON

The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in
Samba 3.5.10 and earlier does not properly verify that the (1) device name
and (2) mountpoint strings are composed of valid characters, which allows
local users to cause a denial of service (mtab corruption) via a crafted
string. NOTE: this vulnerability exists because of an incorrect fix for
CVE-2010-0547.

Notes

Author	Note
jdstrand	we ship this suid by default, so this is medium
mdeslaur	hardy’s backport didn’t suffer from this flaw

OSVersionArchitecturePackageVersionFilename
ubuntu10.10noarchcifs-utils< 2:4.5-2ubuntu0.10.10.1UNKNOWN
ubuntu11.04noarchcifs-utils< 2:4.5-2ubuntu0.11.04.1UNKNOWN
ubuntu10.04noarchsamba< 2:3.4.7~dfsg-1ubuntu3.8UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.10	noarch	cifs-utils	< 2:4.5-2ubuntu0.10.10.1	UNKNOWN
ubuntu	11.04	noarch	cifs-utils	< 2:4.5-2ubuntu0.11.04.1	UNKNOWN
ubuntu	10.04	noarch	samba	< 2:3.4.7~dfsg-1ubuntu3.8	UNKNOWN