CVSS: 4.4EPSS: 0%CPEs: 5EXPL: 0CVE-2010-0787 – samba: Race condition by mount (mount.cifs) operations
https://notcve.org/view.php?id=CVE-2010-0787
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. client/mount.cifs.c en mount.cifs en smbfs en Samba v3.0.22, v3.0.28a, v3.2.3, v3.3.2, v3.4.0, and v3.4.5 permite a usuarios locales montar un CIFS compartido en un punto de montaje arbitrario y ganar privilegios, a través de un ataque de enlace simbólico en un fichero del directorio del punto de montaje. • http://git.samba.org/?p=samba.git%3Ba=commit%3Bh=3ae5dac462c4ed0fb2cd94553583c56fce2f9d80 http://git.samba.org/?p=samba.git%3Ba=commit%3Bh=a0c31ec1c8d1220a5884e40d9ba6b191a04a24d5 http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034444.html http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034470.html http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://secunia.com/advisories/38286 http://secunia.com/advisories/38308 http://secunia.com/advisories • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 2.6EPSS: 0%CPEs: 123EXPL: 0CVE-2010-0547 – samba: mount.cifs improper device name and mountpoint strings sanitization
https://notcve.org/view.php?id=CVE-2010-0547
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. client/mount.cifs.c en mount.cifs en smbfs en Samba v3.4.5 y anteriores no verifica (1) el nombre de dispositivo (2) cadenas de puntos de montaje compuestas por varios caracteres lo que permite a usuarios locales causar una denegación de servicio (corrupción mtab) a través de una cadena manipulada. • http://git.samba.org/?p=samba.git%3Ba=commit%3Bh=a065c177dfc8f968775593ba00dffafeebb2e054 http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://secunia.com/advisories/39317 http://security.gentoo.org/glsa/glsa-201206-29.xml http://www.mandriva.com/security/advisories?name=MDVSA-2010:090 http://www.securityfocus.com/bid/38326 http://www.vupen.com/english/advisories/2010/1062 https://access. • CWE-20: Improper Input Validation •
CVSS: 4.0EPSS: 0%CPEs: 9EXPL: 0CVE-2009-2906 – samba: infinite loop flaw in smbd on unexpected oplock break notification reply
https://notcve.org/view.php?id=CVE-2009-2906
smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet. smbd en Samba v3.0 anterior a v3.0.37, v3.2 anterior a v3.2.15, v3.3 anterior a v3.3.8 y v3.4 anterior a v3.4.2, permite a usuarios autenticados remotamente provocar una denegación de servicio (bucle infinito) a través de un paquete de notificación de respuesta "oplock break" imprevisto. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html http://news.samba.org/releases/3.0.37 http://news.samba.org/releases/3.2.15 http://news.samba.org/releases/3.3.8 http://news.samba.org/releases/3.4.2 http://osvdb.org/58519 http://samba.org/samba/security/CVE-2009-2906.html http://secunia.com/advisories/36893 http://secunia.com/advisories/36918 http:/&#x • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 1.9EPSS: 0%CPEs: 4EXPL: 0CVE-2009-2948 – samba: information disclosure in suid mount.cifs
https://notcve.org/view.php?id=CVE-2009-2948
mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option. mount.cifs en Samba v3.0 anterior a v3.0.37, v3.2 anterior a v3.2.15, v3.3 anterior a v3.3.8 y v3.4 anterior a v3.4.2, cuando mount.cifs es instalado con el suid root, no refuerza los permisos adecuadamente, lo que permite a usuarios locales leer parte del archivo de credenciales y obtener la contraseña especificando la ruta al archivo de credenciales y usando la opción --verbose o -v. • http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html http://news.samba.org/releases/3.0.37 http://news.samba.org/releases/3.2.15 http://news.samba.org/releases/3.3.8 http://news.samba.org/releases/3.4.2 http://osvdb.org/58520 http://secunia.com/advisories/36893 http://secunia.com/advisories/36918 http://secunia.com/advisories/36937 http://secunia.com/advisories/36953 http://slackware.com/security/viewer.php?l=slackware-security&y=2009 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.0EPSS: 0%CPEs: 78EXPL: 0CVE-2009-2813 – Samba: Share restriction bypass via home-less directory user account(s)
https://notcve.org/view.php?id=CVE-2009-2813
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories. Samba 3.4 en versiones anteriores a 3.4.2, 3.3 en versiones anteriores a 3.3.8, 3.2 en versiones anteriores a 3.2.15 y 3.0.12 hasta la versión 3.0.36, como es utilizado en el subsistema SMB en Apple Mac OS X 10.5.8 cuando Windows File Sharing está habilitado, Fedora 11 y otros sistemas operativos, no maneja adecuadamente errores al resolver nombres de ruta, lo que permite a usuarios remotos autenticados eludir las restricciones previstas para los recursos compartidos así como, leer, crear o modificar archivos, en determinadas circunstancias que involucran a las cuentas de usuario que carecen de directorios de inicio. • http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html http://marc.info/?l=bugtraq&m=126514298313071&w=2 http://news.samba.org/releases/3.0.37 http://news.samba.org/releases/3.2.15 http://news.samba.org/releases/3.3.8 http://news.samba.org/releases/3.4.2 http://osvdb.org/57955 http://secunia.com/advisories/36701 http://secunia.com/advisories/36893 http://se • CWE-264: Permissions, Privileges, and Access Controls •