Published: 04/02/2010 Updated: 07/11/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and previous versions does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.

Vulnerable Product	Search on Vulmon	Subscribe to Product
samba samba 3.0.14a
samba samba 2.2.1a
samba samba 3.0.27
samba samba 3.0.31
samba samba 3.0.3
samba samba 2.2.12
samba samba 3.0.8
samba samba 3.2.15
samba samba 3.3.3
samba samba 3.0.29
samba samba 3.0.25
samba samba 3.0.25b
samba samba 3.2.5
samba samba 3.4.2
samba samba 2.2.3a
samba samba 3.2.3
samba samba 1.9.18
samba samba 3.0.2a
samba samba 3.0.36
samba samba 3.4.0
samba samba 3.2.4
samba samba 3.0.5
samba samba 1.9.17
samba samba 3.3.9
samba samba 2.2.8a
samba samba 3.0.28
samba samba 3.0.32
samba samba 3.0.26a
samba samba 3.2.13
samba samba 3.0.6
samba samba 3.0.21a
samba samba 3.0.34
samba samba 3.0.23
samba samba 3.2.1
samba samba 3.0.4
samba samba 3.3.4
samba samba 3.0.33
samba samba 3.0.20a
samba samba 2.2.9
samba samba 2.2.3
samba samba 3.0.21b
samba samba 3.0.27a
samba samba 3.3.7
samba samba 3.4.1
samba samba 3.0.0
samba samba 2.2.11
samba samba 3.0.9
samba samba 3.2.9
samba samba 3.0.11
samba samba 2.2.1
samba samba 3.0.13
samba samba 3.3.1
samba samba 3.2.2
samba samba 3.2.7
samba samba 3.0.20b
samba samba 2.2.7a
samba samba 3.2.10
samba samba 2.2.4
samba samba 3.0.21
samba samba 3.0.26
samba samba 3.0.14
samba samba 3.0.30
samba samba 3.0.21c
samba samba 3.3.0
samba samba 2.2a
samba samba 3.0.23b
samba samba 3.3.6
samba samba 2.2.6
samba samba 2.2.8
samba samba 3.0.2
samba samba 3.0.12
samba samba 3.2.12
samba samba 3.0.37
samba samba 3.0.20
samba samba 2.2.0a
samba samba 3.2.8
samba samba 3.0.35
samba samba
samba samba 3.0.25a
samba samba 3.0.25c
samba samba 3.3.2
samba samba 3.0.24
samba samba 3.0.10
samba samba 3.2.11
samba samba 3.4.4
samba samba 2.2.2
samba samba 2.2.10
samba samba 3.4.3
samba samba 3.3.8
samba samba 3.2.14
samba samba 3.0.23d
samba samba 2.2.0
samba samba 3.2.0
samba samba 2.2.5
samba samba 3.3.5
samba samba 3.0.23c
samba samba 3.2.6
samba samba 2.2.7
samba samba 3.0.23a
samba samba 3.0.28a
samba samba 3.3.10
samba samba 3.0.1
samba samba 3.0.22

Debian Bug report logs - #568942 samba: mtab corruption via malicious crafted string Package: samba; Maintainer for samba is Debian Samba Maintainers <pkg-samba-maint@listsaliothdebianorg>; Source for samba is src:samba (PTS, buildd, popcon) Reported by: Pedro R <pedrib@gmailcom> Date: Mon, 8 Feb 2010 22:57:05 U ...

Two local vulnerabilities have been discovered in samba, a SMB/CIFS file, print, and login server for Unix The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3297 Ronald Volgers discovered that a race condition in mountcifs allows local users to mount remote filesystems over arbitrary mount p ...

CWE-20 http://www.securityfocus.com/bid/38326 http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html http://secunia.com/advisories/39317 http://www.mandriva.com/security/advisories?name=MDVSA-2010:090 http://www.vupen.com/english/advisories/2010/1062 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://security.gentoo.org/glsa/glsa-201206-29.xml http://git.samba.org/?p=samba.git%3Ba=commit%3Bh=a065c177dfc8f968775593ba00dffafeebb2e054 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=568942 https://nvd.nist.gov https://www.debian.org/security/./dsa-2004

Get Started

CVE-2010-0547

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect