CVE-2010-2063

Published: 17/06/2010 Updated: 13/02/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x prior to 3.3.13 allows remote malicious users to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.

Vulnerable Product

samba samba

canonical ubuntu linux 9.04

canonical ubuntu linux 8.04

canonical ubuntu linux 6.06

debian debian linux 5.0

Vendor Advisories

Remote code execution as root via Samba ...
Jun Mao discovered that Samba, an implementation of the SMB/CIFS protocol for Unix systems, is not properly handling certain offset values when processing chained SMB1 packets. This enables an unauthenticated attacker to write to an arbitrary memory location resulting in the possibility to execute arbitrary code with root privileges or to perform d ...

Exploits

##
# $Id: chain_reply.rb 10238 2010-09-04 02:10:22Z jduck $
##

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# metasploit.com/framework/
##

require 'msf/core'

class Met ...

References

CWE-119
http://www.samba.org/samba/ftp/patches/security/samba-3.0.37-CVE-2010-2063.patch
http://www.samba.org/samba/security/CVE-2010-2063.html
http://secunia.com/advisories/40145
http://www.samba.org/samba/ftp/patches/security/samba-3.3.12-CVE-2010-2063.patch
http://www.vupen.com/english/advisories/2010/1486
http://www.samba.org/samba/ftp/history/samba-3.3.13.html
http://marc.info/?l=samba-announce&m=127668712312761&w=2
http://www.vupen.com/english/advisories/2010/1507
http://osvdb.org/65518
http://ubuntu.com/usn/usn-951-1
http://www.debian.org/security/2010/dsa-2061
http://www.vupen.com/english/advisories/2010/1504
http://www.mandriva.com/security/advisories?name=MDVSA-2010:119
http://www.redhat.com/support/errata/RHSA-2010-0488.html
http://www.vupen.com/english/advisories/2010/1517
http://secunia.com/advisories/40210
http://www.securitytracker.com/id?1024107
http://secunia.com/advisories/40221
http://www.vupen.com/english/advisories/2010/1505
http://secunia.com/advisories/40293
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=873
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.471914
http://www.securityfocus.com/bid/40884
http://support.apple.com/kb/HT4312
http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://marc.info/?l=bugtraq&m=129138831608422&w=2
http://secunia.com/advisories/42319
http://www.vupen.com/english/advisories/2010/3063
http://marc.info/?l=bugtraq&m=130835366526620&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/59481
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9859
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7115
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12427
https://usn.ubuntu.com/951-1/
https://nvd.nist.gov
https://www.exploit-db.com/exploits/16860/