Executive Summary

Summary
Title CIFS Server (Samba), Remote Execution of Arbitrary Code, Denial of Service (DoS)
Informations
Name HPSBUX02657 SSRT100460 First vendor Publication 2011-06-16
Vendor HP Last vendor Modification 2011-06-16
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS).

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02787667

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11543
 
Oval ID: oval:org.mitre.oval:def:11543
Title: DSA-2061 samba -- memory corruption
Description: Jun Mao discovered that Samba, an implementation of the SMB/CIFS protocol for Unix systems, is not properly handling certain offset values when processing chained SMB1 packets. This enables an unauthenticated attacker to write to an arbitrary memory location resulting in the possibility to execute arbitrary code with root privileges or to perform denial of service attacks by crashing the samba daemon.
Family: unix Class: patch
Reference(s): DSA-2061
CVE-2010-2063
 Version: 7
Platform(s): Debian GNU/Linux 5.0
 Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12336
 
Oval ID: oval:org.mitre.oval:def:12336
Title: DSA-2109-1 samba -- buffer overflow
Description: A vulnerability has been discovered in samba, a SMB/CIFS file, print, and login server for Unix. The sid_parse function does not correctly check its input lengths when reading a binary representation of a Windows SID. This allows a malicious client to send a sid that can overflow the stack variable that is being used to store the SID in the Samba smbd server. For the stable distribution, this problem has been fixed in version 2:3.2.5-4lenny13. For the testing distribution and the unstable distribution, this problem will be fixed in version 3.5.5~dfsg-1. We recommend that you upgrade your samba packages. The packages for the mips architecture are not included in this upgrade. They will be released as soon as they become available.
Family: unix Class: patch
Reference(s): DSA-2109-1
CVE-2010-3069
 Version: 7
Platform(s): Debian GNU/Linux 5.0
 Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12427
 
Oval ID: oval:org.mitre.oval:def:12427
Title: CIFS Server (Samba), Remote Execution of Arbitrary Code, Denial of Service (DoS)
Description: Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2063
 Version: 12
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12825
 
Oval ID: oval:org.mitre.oval:def:12825
Title: USN-987-1 -- samba vulnerability
Description: Andrew Bartlett discovered that Samba did not correctly validate the length when parsing SIDs. A remote attacker could send a specially crafted request to the server and cause a denial of service, or possibly execute arbitrary code with the privileges of the Samba service . The default compiler options for Ubuntu 8.04 LTS and newer should reduce the vulnerability to a denial of service.
Family: unix Class: patch
Reference(s): USN-987-1
CVE-2010-3069
 Version: 5
Platform(s): Ubuntu 8.04
Ubuntu 10.04
Ubuntu 9.10
Ubuntu 6.06
Ubuntu 9.04
 Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12900
 
Oval ID: oval:org.mitre.oval:def:12900
Title: DSA-2175-1 samba -- missing input sanitisation
Description: Volker Lendecke discovered that missing range checks in Samba's file descriptor handling could lead to memory corruption, resulting in denial of service.
Family: unix Class: patch
Reference(s): DSA-2175-1
CVE-2011-0719
 Version: 6
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
 Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13258
 
Oval ID: oval:org.mitre.oval:def:13258
Title: USN-951-1 -- samba vulnerability
Description: Jun Mao discovered that Samba did not correctly validate SMB1 packet contents. An unauthenticated remote attacker could send specially crafted network traffic that could execute arbitrary code as the root user.
Family: unix Class: patch
Reference(s): USN-951-1
CVE-2010-2063
 Version: 5
Platform(s): Ubuntu 8.04
Ubuntu 6.06
Ubuntu 9.04
 Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13291
 
Oval ID: oval:org.mitre.oval:def:13291
Title: DSA-2061-1 samba -- memory corruption
Description: Jun Mao discovered that Samba, an implementation of the SMB/CIFS protocol for Unix systems, is not properly handling certain offset values when processing chained SMB1 packets. This enables an unauthenticated attacker to write to an arbitrary memory location resulting in the possibility to execute arbitrary code with root privileges or to perform denial of service attacks by crashing the samba daemon. For the stable distribution, this problem has been fixed in version 2:3.2.5-4lenny12. This problem does not affect the versions in the testing and unstable distribution. We recommend that you upgrade your samba packages.
Family: unix Class: patch
Reference(s): DSA-2061-1
CVE-2010-2063
 Version: 7
Platform(s): Debian GNU/Linux 5.0
 Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13439
 
Oval ID: oval:org.mitre.oval:def:13439
Title: USN-1075-1 -- samba vulnerability
Description: Volker Lendecke discovered that Samba incorrectly handled certain file descriptors. A remote attacker could send a specially crafted request to the server and cause Samba to crash or hang, resulting in a denial of service.
Family: unix Class: patch
Reference(s): USN-1075-1
CVE-2011-0719
 Version: 5
Platform(s): Ubuntu 8.04
Ubuntu 10.10
Ubuntu 10.04
Ubuntu 9.10
Ubuntu 6.06
 Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18907
 
Oval ID: oval:org.mitre.oval:def:18907
Title: CIFS Server (Samba), Remote Execution of Arbitrary Code, Denial of Service (DoS)
Description: Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd.
Family: unix Class: vulnerability
Reference(s): CVE-2011-0719
 Version: 12
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19544
 
Oval ID: oval:org.mitre.oval:def:19544
Title: CIFS Server (Samba), Remote Execution of Arbitrary Code, Denial of Service (DoS)
Description: Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3069
 Version: 11
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21518
 
Oval ID: oval:org.mitre.oval:def:21518
Title: RHSA-2011:0306: samba3x security update (Important)
Description: Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd.
Family: unix Class: patch
Reference(s): RHSA-2011:0306-01
CESA-2011:0306
CVE-2011-0719
 Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
 Product(s): samba3x
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21898
 
Oval ID: oval:org.mitre.oval:def:21898
Title: RHSA-2011:0305: samba security update (Important)
Description: Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd.
Family: unix Class: patch
Reference(s): RHSA-2011:0305-01
CVE-2011-0719
CESA-2011:0305-CentOS 5
 Version: 6
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 5
 Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21996
 
Oval ID: oval:org.mitre.oval:def:21996
Title: RHSA-2010:0698: samba3x security update (Critical)
Description: Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.
Family: unix Class: patch
Reference(s): RHSA-2010:0698-01
CESA-2010:0698
CVE-2010-3069
 Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
 Product(s): samba3x
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22098
 
Oval ID: oval:org.mitre.oval:def:22098
Title: RHSA-2010:0488: samba and samba3x security update (Critical)
Description: Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.
Family: unix Class: patch
Reference(s): RHSA-2010:0488-01
CESA-2010:0488
CVE-2010-2063
 Version: 4
Platform(s): Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 5
CentOS Linux 5
 Product(s): samba
samba3x
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22215
 
Oval ID: oval:org.mitre.oval:def:22215
Title: RHSA-2010:0697: samba security and bug fix update (Critical)
Description: Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.
Family: unix Class: patch
Reference(s): RHSA-2010:0697-01
CESA-2010:0697
CVE-2010-3069
 Version: 4
Platform(s): Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 5
CentOS Linux 5
 Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22276
 
Oval ID: oval:org.mitre.oval:def:22276
Title: RHSA-2010:0860: samba security update (Critical)
Description: Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.
Family: unix Class: patch
Reference(s): RHSA-2010:0860-02
CVE-2010-3069
 Version: 4
Platform(s): Red Hat Enterprise Linux 6
 Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22824
 
Oval ID: oval:org.mitre.oval:def:22824
Title: ELSA-2010:0488: samba and samba3x security update (Critical)
Description: Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.
Family: unix Class: patch
Reference(s): ELSA-2010:0488-01
CVE-2010-2063
 Version: 6
Platform(s): Oracle Linux 5
 Product(s): samba
samba3x
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22933
 
Oval ID: oval:org.mitre.oval:def:22933
Title: ELSA-2010:0860: samba security update (Critical)
Description: Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.
Family: unix Class: patch
Reference(s): ELSA-2010:0860-02
CVE-2010-3069
 Version: 6
Platform(s): Oracle Linux 6
 Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23016
 
Oval ID: oval:org.mitre.oval:def:23016
Title: ELSA-2010:0698: samba3x security update (Critical)
Description: Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.
Family: unix Class: patch
Reference(s): ELSA-2010:0698-01
CVE-2010-3069
 Version: 6
Platform(s): Oracle Linux 5
 Product(s): samba3x
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23057
 
Oval ID: oval:org.mitre.oval:def:23057
Title: ELSA-2010:0697: samba security and bug fix update (Critical)
Description: Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.
Family: unix Class: patch
Reference(s): ELSA-2010:0697-01
CVE-2010-3069
 Version: 6
Platform(s): Oracle Linux 5
 Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23192
 
Oval ID: oval:org.mitre.oval:def:23192
Title: ELSA-2011:0306: samba3x security update (Important)
Description: Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd.
Family: unix Class: patch
Reference(s): ELSA-2011:0306-01
CVE-2011-0719
 Version: 6
Platform(s): Oracle Linux 5
 Product(s): samba3x
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23593
 
Oval ID: oval:org.mitre.oval:def:23593
Title: ELSA-2011:0305: samba security update (Important)
Description: Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd.
Family: unix Class: patch
Reference(s): ELSA-2011:0305-01
CVE-2011-0719
 Version: 6
Platform(s): Oracle Linux 6
 Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27405
 
Oval ID: oval:org.mitre.oval:def:27405
Title: DEPRECATED: ELSA-2010-0860 -- samba security update (critical)
Description: [3.5.4-68.1] - Security Release, fixes CVE-2010-3069 - resolves: #632264
Family: unix Class: patch
Reference(s): ELSA-2010-0860
CVE-2010-3069
 Version: 4
Platform(s): Oracle Linux 6
 Product(s): samba
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27415
 
Oval ID: oval:org.mitre.oval:def:27415
Title: DEPRECATED: ELSA-2010-0698 -- samba3x security update (critical)
Description: [3.3.8-0.52.2] - Security Release, fixes CVE-2010-3069 - resolves: #632231
Family: unix Class: patch
Reference(s): ELSA-2010-0698
CVE-2010-3069
 Version: 4
Platform(s): Oracle Linux 5
 Product(s): samba3x
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27516
 
Oval ID: oval:org.mitre.oval:def:27516
Title: DEPRECATED: ELSA-2011-0306 -- samba3x security update (important)
Description: [3.5.4-0.70.1] - Security Release, fixes CVE-2011-0719 - resolves: #678332
Family: unix Class: patch
Reference(s): ELSA-2011-0306
CVE-2011-0719
 Version: 4
Platform(s): Oracle Linux 5
 Product(s): samba3x
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7115
 
Oval ID: oval:org.mitre.oval:def:7115
Title: VMware ESX,Service Console update for samba.
Description: Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2063
 Version: 3
Platform(s): VMWare ESX Server 3.5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9859
 
Oval ID: oval:org.mitre.oval:def:9859
Title: Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.
Description: Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2063
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 199
Os 5
Os 1

OpenVAS Exploits

Date Description
2012-08-10 Name : Gentoo Security Advisory GLSA 201206-22 (Samba)
File : nvt/glsa_201206_22.nasl
2012-07-30 Name : CentOS Update for samba3x CESA-2011:0306 centos5 x86_64
File : nvt/gb_CESA-2011_0306_samba3x_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for libsmbclient CESA-2011:0305 centos5 x86_64
File : nvt/gb_CESA-2011_0305_libsmbclient_centos5_x86_64.nasl
2011-08-26 Name : Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)
File : nvt/secpod_macosx_su11-001.nasl
2011-08-19 Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004)
File : nvt/secpod_macosx_su11-004.nasl
2011-08-19 Name : Fedora Update for samba FEDORA-2011-10367
File : nvt/gb_fedora_2011_10367_samba_fc14.nasl
2011-08-09 Name : CentOS Update for libsmbclient CESA-2010:0488 centos5 i386
File : nvt/gb_CESA-2010_0488_libsmbclient_centos5_i386.nasl
2011-08-09 Name : CentOS Update for libtalloc CESA-2010:0488 centos5 i386
File : nvt/gb_CESA-2010_0488_libtalloc_centos5_i386.nasl
2011-08-09 Name : CentOS Update for libsmbclient CESA-2010:0697 centos5 i386
File : nvt/gb_CESA-2010_0697_libsmbclient_centos5_i386.nasl
2011-08-09 Name : CentOS Update for libtalloc CESA-2010:0698 centos5 i386
File : nvt/gb_CESA-2010_0698_libtalloc_centos5_i386.nasl
2011-08-09 Name : CentOS Update for libsmbclient CESA-2011:0305 centos5 i386
File : nvt/gb_CESA-2011_0305_libsmbclient_centos5_i386.nasl
2011-08-09 Name : CentOS Update for samba3x CESA-2011:0306 centos5 i386
File : nvt/gb_CESA-2011_0306_samba3x_centos5_i386.nasl
2011-08-03 Name : FreeBSD Ports: samba34
File : nvt/freebsd_samba34.nasl
2011-03-24 Name : Fedora Update for samba FEDORA-2011-3120
File : nvt/gb_fedora_2011_3120_samba_fc13.nasl
2011-03-24 Name : Fedora Update for samba FEDORA-2011-3118
File : nvt/gb_fedora_2011_3118_samba_fc14.nasl
2011-03-09 Name : Debian Security Advisory DSA 2175-1 (samba)
File : nvt/deb_2175_1.nasl
2011-03-07 Name : Mandriva Update for samba MDVSA-2011:038 (samba)
File : nvt/gb_mandriva_MDVSA_2011_038.nasl
2011-03-07 Name : CentOS Update for samba CESA-2011:0305 centos4 i386
File : nvt/gb_CESA-2011_0305_samba_centos4_i386.nasl
2011-03-07 Name : RedHat Update for samba RHSA-2011:0305-01
File : nvt/gb_RHSA-2011_0305-01_samba.nasl
2011-03-07 Name : RedHat Update for samba3x RHSA-2011:0306-01
File : nvt/gb_RHSA-2011_0306-01_samba3x.nasl
2011-03-07 Name : Ubuntu Update for samba vulnerability USN-1075-1
File : nvt/gb_ubuntu_USN_1075_1.nasl
2011-03-01 Name : Samba 'FD_SET' Memory Corruption Vulnerability
File : nvt/gb_samba_46597.nasl
2010-12-02 Name : Fedora Update for samba FEDORA-2010-14768
File : nvt/gb_fedora_2010_14768_samba_fc14.nasl
2010-09-22 Name : CentOS Update for samba CESA-2010:0697 centos4 i386
File : nvt/gb_CESA-2010_0697_samba_centos4_i386.nasl
2010-09-22 Name : Mandriva Update for samba MDVSA-2010:184 (samba)
File : nvt/gb_mandriva_MDVSA_2010_184.nasl
2010-09-22 Name : Ubuntu Update for samba vulnerability USN-987-1
File : nvt/gb_ubuntu_USN_987_1.nasl
2010-09-22 Name : CentOS Update for samba CESA-2010:0697 centos3 i386
File : nvt/gb_CESA-2010_0697_samba_centos3_i386.nasl
2010-09-22 Name : Fedora Update for samba FEDORA-2010-14678
File : nvt/gb_fedora_2010_14678_samba_fc12.nasl
2010-09-22 Name : Fedora Update for samba FEDORA-2010-14627
File : nvt/gb_fedora_2010_14627_samba_fc13.nasl
2010-09-22 Name : RedHat Update for samba3x RHSA-2010:0698-01
File : nvt/gb_RHSA-2010_0698-01_samba3x.nasl
2010-09-22 Name : RedHat Update for samba RHSA-2010:0697-01
File : nvt/gb_RHSA-2010_0697-01_samba.nasl
2010-09-15 Name : Samba SID Parsing Remote Buffer Overflow Vulnerability
File : nvt/gb_samba_43212.nasl
2010-08-20 Name : CentOS Update for samba CESA-2010:0488 centos3 i386
File : nvt/gb_CESA-2010_0488_samba_centos3_i386.nasl
2010-07-06 Name : Debian Security Advisory DSA 2061-1 (samba)
File : nvt/deb_2061_1.nasl
2010-07-02 Name : SuSE Update for samba SUSE-SA:2010:025
File : nvt/gb_suse_2010_025.nasl
2010-06-18 Name : Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
File : nvt/gb_samba_40884.nasl
2010-06-18 Name : Mandriva Update for samba MDVSA-2010:119 (samba)
File : nvt/gb_mandriva_MDVSA_2010_119.nasl
2010-06-18 Name : Ubuntu Update for samba vulnerability USN-951-1
File : nvt/gb_ubuntu_USN_951_1.nasl
2010-06-18 Name : RedHat Update for samba and samba3x RHSA-2010:0488-01
File : nvt/gb_RHSA-2010_0488-01_samba_and_samba3x.nasl
2010-04-19 Name : Mandriva Update for mmc-wizard MDVA-2010:119 (mmc-wizard)
File : nvt/gb_mandriva_MDVA_2010_119.nasl
0000-00-00 Name : Slackware Advisory SSA:2011-059-01 samba
File : nvt/esoft_slk_ssa_2011_059_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2010-257-01 samba
File : nvt/esoft_slk_ssa_2010_257_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2010-169-01 samba
File : nvt/esoft_slk_ssa_2010_169_01.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
71268 Samba FD_SET Macro Memory Corruption

A memory corruption flaw exists in Samba. The program fails to properly perform file descriptors range checks before using the FD_SET macro, resulting in memory corruption. With a specially crafted file descriptor set, a context-dependent attacker can execute arbitrary code.
67994 Samba sid_parse() Function SID Parsing Remote Overflow
65518 Samba smbd process.c chain_reply Function SMB1 Packet Chaining Memory Corruption

Snort® IPS/IDS

Date Description
2014-01-10 Samba SID parsing overflow attempt
RuleID : 19007 - Revision : 8 - Type : SERVER-SAMBA
2014-01-10 Samba SMB1 chain_reply function memory corruption attempt
RuleID : 16728 - Revision : 4 - Type : NETBIOS

Nessus® Vulnerability Scanner

Date Description
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0019_remote.nasl - Type : ACT_GATHER_INFO
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0013_remote.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_ldapsmb-100915.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_cifs-mount-110307.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0698.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0488.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0697.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0860.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0305.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0306.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110301_samba_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110301_samba_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110301_samba3x_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100616_samba_and_samba3x_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100616_samba_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100914_samba3x_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100914_samba_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101110_samba_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-06-25 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201206-22.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_cifs-mount-7396.nasl - Type : ACT_GATHER_INFO
2011-06-24 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_6_8.nasl - Type : ACT_GATHER_INFO
2011-06-24 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2011-004.nasl - Type : ACT_GATHER_INFO
2011-06-22 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_bfdbc7ec9c3f11e09bec6c626dd55a41.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_cifs-mount-110308.nasl - Type : ACT_GATHER_INFO
2011-04-29 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_cifs-mount-110228.nasl - Type : ACT_GATHER_INFO
2011-04-29 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_cifs-mount-7353.nasl - Type : ACT_GATHER_INFO
2011-04-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0306.nasl - Type : ACT_GATHER_INFO
2011-03-22 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_6_7.nasl - Type : ACT_GATHER_INFO
2011-03-21 Name : The remote Fedora host is missing a security update.
File : fedora_2011-3120.nasl - Type : ACT_GATHER_INFO
2011-03-21 Name : The remote Fedora host is missing a security update.
File : fedora_2011-3118.nasl - Type : ACT_GATHER_INFO
2011-03-03 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0305.nasl - Type : ACT_GATHER_INFO
2011-03-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0305.nasl - Type : ACT_GATHER_INFO
2011-03-02 Name : The remote Samba server is affected by a memory corruption vulnerability.
File : samba_3_5_7.nasl - Type : ACT_GATHER_INFO
2011-03-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0306.nasl - Type : ACT_GATHER_INFO
2011-03-01 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2011-059-01.nasl - Type : ACT_GATHER_INFO
2011-03-01 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2175.nasl - Type : ACT_GATHER_INFO
2011-03-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1075-1.nasl - Type : ACT_GATHER_INFO
2011-03-01 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-038.nasl - Type : ACT_GATHER_INFO
2010-12-08 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2010-0019.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_cifs-mount-100613.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_cifs-mount-100914.nasl - Type : ACT_GATHER_INFO
2010-11-18 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0860.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_cifs-mount-7151.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_cifs-mount-7072.nasl - Type : ACT_GATHER_INFO
2010-10-06 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12644.nasl - Type : ACT_GATHER_INFO
2010-09-24 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_cifs-mount-100914.nasl - Type : ACT_GATHER_INFO
2010-09-24 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_cifs-mount-100915.nasl - Type : ACT_GATHER_INFO
2010-09-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2109.nasl - Type : ACT_GATHER_INFO
2010-09-17 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-184.nasl - Type : ACT_GATHER_INFO
2010-09-17 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0698.nasl - Type : ACT_GATHER_INFO
2010-09-17 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0697.nasl - Type : ACT_GATHER_INFO
2010-09-16 Name : The remote Fedora host is missing a security update.
File : fedora_2010-14768.nasl - Type : ACT_GATHER_INFO
2010-09-16 Name : The remote Fedora host is missing a security update.
File : fedora_2010-14678.nasl - Type : ACT_GATHER_INFO
2010-09-16 Name : The remote Fedora host is missing a security update.
File : fedora_2010-14627.nasl - Type : ACT_GATHER_INFO
2010-09-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-987-1.nasl - Type : ACT_GATHER_INFO
2010-09-15 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-257-01.nasl - Type : ACT_GATHER_INFO
2010-09-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0697.nasl - Type : ACT_GATHER_INFO
2010-09-15 Name : The remote Samba server is affected by a buffer overflow vulnerability.
File : samba_3_5_5.nasl - Type : ACT_GATHER_INFO
2010-09-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0698.nasl - Type : ACT_GATHER_INFO
2010-09-02 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2010-0013.nasl - Type : ACT_GATHER_INFO
2010-08-24 Name : The remote host is missing a Mac OS X update that fixes security issues.
File : macosx_SecUpd2010-005.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_cifs-mount-100613.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_cifs-mount-100613.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12622.nasl - Type : ACT_GATHER_INFO
2010-06-21 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2061.nasl - Type : ACT_GATHER_INFO
2010-06-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0488.nasl - Type : ACT_GATHER_INFO
2010-06-20 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-169-01.nasl - Type : ACT_GATHER_INFO
2010-06-18 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-119.nasl - Type : ACT_GATHER_INFO
2010-06-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0488.nasl - Type : ACT_GATHER_INFO
2010-06-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-951-1.nasl - Type : ACT_GATHER_INFO
2010-06-17 Name : The remote service is affected by a memory corruption vulnerability.
File : samba_3_3_13.nasl - Type : ACT_GATHER_INFO