Published: 29/09/2010 Updated: 30/09/2010

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

VMScore: 436

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and previous versions, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call.

Vulnerable Product	Search on Vulmon	Subscribe to Product
netbsd netbsd
netbsd netbsd 5.0.1
netbsd netbsd 2.1
netbsd netbsd 2.0.3
netbsd netbsd 2.0.4
netbsd netbsd 2.1.1
netbsd netbsd 1.3.2
netbsd netbsd 1.3.1
netbsd netbsd 1.3
netbsd netbsd 1.2.1
netbsd netbsd 3.0.2
netbsd netbsd 3.0.1
netbsd netbsd 3.0
netbsd netbsd 3.1
netbsd netbsd 1.5.2
netbsd netbsd 1.5.1
netbsd netbsd 1.5
netbsd netbsd 1.4.3
netbsd netbsd 0.8
netbsd netbsd 5.0
netbsd netbsd 4.0
netbsd netbsd 2.0.1
netbsd netbsd 2.0
netbsd netbsd 1.6.2
netbsd netbsd 1.6
netbsd netbsd 1.5.3
netbsd netbsd 1.4.2
netbsd netbsd 1.4
netbsd netbsd 1.1
netbsd netbsd 0.9
netbsd netbsd 4.0.1
netbsd netbsd 3.99.15
netbsd netbsd 2.0.2
netbsd netbsd 1.6.1
netbsd netbsd 1.4.1
netbsd netbsd 1.3.3
netbsd netbsd 1.2
netbsd netbsd 1.0
freebsd freebsd
apple mac os x

CWE-189 http://www.openwall.com/lists/oss-security/2010/07/12/6 http://www.securityfocus.com/bid/41557 http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netsmb/smb_subr.c.diff?r1=1.34&r2=1.35&only_with_tag=MAIN&f=h http://www.openwall.com/lists/oss-security/2010/07/16/2 https://nvd.nist.gov

CVE-2010-2530

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect