Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.
History
13 Feb 2023, 04:21
Type | Values Removed | Values Added |
---|---|---|
Summary | Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share. | |
02 Feb 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2010-3069 Samba: Stack-based buffer overflow by processing specially-crafted SID records |
29 Aug 2022, 20:12
Type | Values Removed | Values Added |
---|---|---|
First Time | Canonical; Canonical ubuntu Linux | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/61773 - VDB Entry | |
References | (HP) http://marc.info/?l=bugtraq&m=130835366526620&w=2 - Mailing List, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html - Mailing List, Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/43212 - Third Party Advisory, VDB Entry | |
References | (SECTRACK) http://www.securitytracker.com/id?1024434 - Third Party Advisory, VDB Entry | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) http://www.vmware.com/security/advisories/VMSA-2010-0019.html - Permissions Required, Third Party Advisory | |
References | (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047650.html - Mailing List, Third Party Advisory | |
References | (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047758.html - Mailing List, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/42885 - Third Party Advisory | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2010-0860.html - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/41447 - Third Party Advisory | |
References | (APPLE) http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html - Mailing List, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/42531 - Third Party Advisory | |
References | (CONFIRM) http://support.apple.com/kb/HT4581 - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/41354 - Third Party Advisory | |
References | (APPLE) http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html - Mailing List, Third Party Advisory | |
References | (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047697.html - Mailing List, Third Party Advisory | |
References | (BUGTRAQ) http://www.securityfocus.com/archive/1/515055/100/0/threaded - Third Party Advisory, VDB Entry | |
References | (UBUNTU) http://www.ubuntu.com/usn/USN-987-1 - Third Party Advisory | |
References | (VUPEN) http://www.vupen.com/english/advisories/2011/0091 - Permissions Required | |
References | (VUPEN) http://www.vupen.com/english/advisories/2010/2378 - Permissions Required | |
References | (VUPEN) http://www.vupen.com/english/advisories/2010/3126 - Permissions Required | |
References | (CONFIRM) http://us1.samba.org/samba/history/samba-3.5.5.html - Vendor Advisory | |
References | (CONFIRM) http://support.apple.com/kb/HT4723 - Third Party Advisory |
Information
Published : 2010-09-15 18:00
Updated : 2023-12-10 11:03
NVD link : CVE-2010-3069
Mitre link : CVE-2010-3069
CVE.ORG link : CVE-2010-3069
Products Affected
canonical
- ubuntu_linux
samba
- samba
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer