Denial Of Service (DoS)

2020-04-1001:02:27

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

1.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:N/A:P

JSON

samba is vulnerable to denial of service. It was found that the fix for CVE-2010-0547, provided by the Samba rebase in RHBA-2011:0054, was incomplete. The mount.cifs tool did not properly handle share or directory names containing a newline character, allowing a local attacker to corrupt the mtab (mounted file systems table) file via a specially-crafted CIFS (Common Internet File System) share mount request, if mount.cifs had the setuid bit set.

CPENameOperatorVersion
samba3xeq3.5.4__0.70.el5
samba3xeq3.3.8__0.52.el5_5.2
samba3xeq3.3.8__0.52.el5_5
samba3xeq3.5.4__0.70.el5_6.1
samba3xeq3.3.8__0.51.el5
sambaeq3.5.4__68.el6
sambaeq3.5.4__68.el6_0.1
sambaeq3.5.4__68.el6_0.2
cifs-utilseq4.4__5.el6_0.2
cifs-utilseq4.4__5.el6

Name	Operator	Version
samba3x	eq	3.5.4__0.70.el5
samba3x	eq	3.3.8__0.52.el5_5.2
samba3x	eq	3.3.8__0.52.el5_5
samba3x	eq	3.5.4__0.70.el5_6.1
samba3x	eq	3.3.8__0.51.el5
samba	eq	3.5.4__68.el6
samba	eq	3.5.4__68.el6_0.1
samba	eq	3.5.4__68.el6_0.2
cifs-utils	eq	4.4__5.el6_0.2
cifs-utils	eq	4.4__5.el6