Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.3
CVSSv2

CVE-2011-1678

Published: 10/04/2011 Updated: 17/08/2017
CVSS v2 Base Score: 3.3 | Impact Score: 4.9 | Exploitability Score: 3.4
VMScore: 294
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:N
Subscribe to Samba

Vulnerability Summary

smbfs in Samba 3.5.8 and previous versions attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

Vulnerable Product Search on Vulmon Subscribe to Product

samba samba

Vendor Advisories

Ubuntu Security Notice: cifs-utils vulnerabilities
An attacker could trick cifs-utils into corrupting the system mtab file ...
Ubuntu Security Notice: samba vulnerabilities
An attacker could trick Samba into corrupting the system mtab file ...

References

CWE-20http://openwall.com/lists/oss-security/2011/03/04/11http://openwall.com/lists/oss-security/2011/03/22/6http://openwall.com/lists/oss-security/2011/03/14/7http://openwall.com/lists/oss-security/2011/03/04/10https://bugzilla.redhat.com/show_bug.cgi?id=688980http://openwall.com/lists/oss-security/2011/03/05/7http://openwall.com/lists/oss-security/2011/03/14/5http://openwall.com/lists/oss-security/2011/03/05/3http://openwall.com/lists/oss-security/2011/03/22/4http://openwall.com/lists/oss-security/2011/03/14/16http://openwall.com/lists/oss-security/2011/04/01/2http://openwall.com/lists/oss-security/2011/03/04/9http://openwall.com/lists/oss-security/2011/03/07/9http://openwall.com/lists/oss-security/2011/03/31/4http://openwall.com/lists/oss-security/2011/03/15/6http://openwall.com/lists/oss-security/2011/03/04/12http://openwall.com/lists/oss-security/2011/03/31/3http://www.mandriva.com/security/advisories?name=MDVSA-2011:148https://exchange.xforce.ibmcloud.com/vulnerabilities/66702https://nvd.nist.govhttps://usn.ubuntu.com/1226-2/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook