CVSS: 8.3EPSS: 95%CPEs: 12EXPL: 0CVE-2012-0870 – samba: Any Batched ("AndX") request processing infinite recursion and heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2012-0870
Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion. Un desbordamiento de buffer basado en memoria dinámica (heap) en process.c de smbd en Samba v3.0, tal como se utiliza en el servicio de intercambio de archivos en la tableta BlackBerry PlayBook anterior a v2.0.0.7971 y otros productos, permite a atacantes remotos causar una denegación de servicio (caída de demonio) o posiblemente ejecutar código arbitrario a través de una por lotes (también conocido yx) que desencadena la solicitud de repetición infinita • http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB29565 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html http://secunia.com/advisories/48116 http:& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 3%CPEs: 3EXPL: 0CVE-2012-0817
https://notcve.org/view.php?id=CVE-2012-0817
Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests. Fallo de memoria en smbd en Samba v3.6.x anterior a 3.6.3 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y CPU)realizando numerosas peticiones de conexión. • http://lists.fedoraproject.org/pipermail/package-announce/2012-February/072930.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html http://secunia.com/advisories/47763 http://secunia.com/advisories/48879 http://www.samba.org/samba/history/samba-3.6.3.html http://www.samba.org/samba/security/CVE-2012-0817 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0CVE-2011-3585 – Samba mtab lock file race condition
https://notcve.org/view.php?id=CVE-2011-3585
Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists. Múltiples condiciones de carrera en los programas (1) mount.cifs y (2) umount.cifs en Samba versión 3.6, permiten a usuarios locales causar una denegación de servicio (interrupción del montaje) por medio de una señal SIGKILL durante una ventana de tiempo cuando existe el archivo /etc/mtab~. • https://bugzilla.redhat.com/show_bug.cgi?id=742907 https://bugzilla.samba.org/show_bug.cgi?id=7179 https://git.samba.org/?p=cifs-utils.git%3Ba=commitdiff%3Bh=810f7e4e0f2dbcbee0294d9b371071cb08268200 https://www.openwall.com/lists/oss-security/2011/09/27/1 https://www.openwall.com/lists/oss-security/2011/09/30/5 https://access.redhat.com/security/cve/CVE-2011-3585 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.0EPSS: 0%CPEs: 56EXPL: 0CVE-2011-2411
https://notcve.org/view.php?id=CVE-2011-2411
Unspecified vulnerability on HP NonStop Servers with software H06.x through H06.23.00 and J06.x through J06.12.00, when Samba is used, allows remote authenticated users to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en los servidores HP NonStop con software H06.x a través de H06.23.00 y J06.x través J06.12.00, cuando Samba se utiliza, permite a usuarios remotos autenticados ejecutar código arbitrario a través de vectores desconocidos. • http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c03008543 •
CVSS: 2.6EPSS: 0%CPEs: 192EXPL: 0CVE-2011-2724 – cifs-utils: mount.cifs incorrect fix for CVE-2010-0547
https://notcve.org/view.php?id=CVE-2011-2724
The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547. La función check_mtab en client/mount.cifs.c en mount.cifs en smbfs en Samba v3.5.10 y anteriores no verifica correctamente que el (1) nombre del dispositivo y (2) las cadenas de punto de montaje se componen de caracteres válidos, lo que permite causar a los usuarios locales una denegación de servicio (corrupción de mtab) a través de una cadena de texto hecha a mano. NOTA: esta vulnerabilidad existe debido a una solución incorrecta para el CVE-2.010-0547. • http://comments.gmane.org/gmane.linux.kernel.cifs/3827 http://git.samba.org/?p=cifs-utils.git%3Ba=commit%3Bh=1e7a32924b22d1f786b6f490ce8590656f578f91 http://openwall.com/lists/oss-security/2011/07/29/9 http://secunia.com/advisories/45798 http://www.mandriva.com/security/advisories?name=MDVSA-2011:148 http://www.redhat.com/support/errata/RHSA-2011-1220.html http://www.redhat.com/support/errata/RHSA-2011-1221.html http://www.securitytracker.com/id?1025984 https://bugzilla.redhat.com& • CWE-20: Improper Input Validation •