CVE-2010-3069

Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html	Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047650.html	Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047697.html	Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047758.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=130835366526620&w=2	Mailing List Third Party Advisory
http://secunia.com/advisories/41354	Third Party Advisory
http://secunia.com/advisories/41447	Third Party Advisory
http://secunia.com/advisories/42531	Third Party Advisory
http://secunia.com/advisories/42885	Third Party Advisory
http://support.apple.com/kb/HT4581	Third Party Advisory
http://support.apple.com/kb/HT4723	Third Party Advisory
http://us1.samba.org/samba/history/samba-3.5.5.html	Vendor Advisory
http://us1.samba.org/samba/security/CVE-2010-3069.html	Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2010-0860.html	Third Party Advisory
http://www.securityfocus.com/archive/1/515055/100/0/threaded	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/43212	Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1024434	Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-987-1	Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2010-0019.html	Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2010/2378	Permissions Required
http://www.vupen.com/english/advisories/2010/3126	Permissions Required
http://www.vupen.com/english/advisories/2011/0091	Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/61773	VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:samba:samba::::::::
	cpe:2.3:a:samba:samba::::::::
	cpe:2.3:a:samba:samba::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:8.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:9.04:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::

History

13 Feb 2023, 04:21

Type	Values Removed	Values Added
Summary	~~CVE-2010-3069 Samba: Stack-based buffer overflow by processing specially-crafted SID records~~	Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.
References	~~{'url': 'https://access.redhat.com/errata/RHSA-2010:0698', 'name': 'https://access.redhat.com/errata/RHSA-2010:0698', 'tags': [], 'refsource': 'MISC'}~~ ~~{'url': 'https://access.redhat.com/errata/RHSA-2010:0697', 'name': 'https://access.redhat.com/errata/RHSA-2010:0697', 'tags': [], 'refsource': 'MISC'}~~ ~~{'url': 'https://access.redhat.com/security/cve/CVE-2010-3069', 'name': 'https://access.redhat.com/security/cve/CVE-2010-3069', 'tags': [], 'refsource': 'MISC'}~~ ~~{'url': 'https://access.redhat.com/errata/RHSA-2010:0860', 'name': 'https://access.redhat.com/errata/RHSA-2010:0860', 'tags': [], 'refsource': 'MISC'}~~ ~~{'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=630869', 'name': 'https://bugzilla.redhat.com/show_bug.cgi?id=630869', 'tags': [], 'refsource': 'MISC'}~~

02 Feb 2023, 14:15

Type	Values Removed	Values Added
References		(MISC) https://access.redhat.com/errata/RHSA-2010:0698 - (MISC) https://access.redhat.com/errata/RHSA-2010:0697 - (MISC) https://access.redhat.com/security/cve/CVE-2010-3069 - (MISC) https://access.redhat.com/errata/RHSA-2010:0860 - (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=630869 -
Summary	Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.	CVE-2010-3069 Samba: Stack-based buffer overflow by processing specially-crafted SID records

29 Aug 2022, 20:12

Information

Published : 2010-09-15 18:00

Updated : 2023-12-10 11:03

NVD link : CVE-2010-3069

Mitre link : CVE-2010-3069

CVE.ORG link : CVE-2010-3069

JSON object : View

Products Affected

canonical

ubuntu_linux

samba

samba

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Type	Values Removed	Values Added
First Time		Canonical Canonical ubuntu Linux
CPE	cpe:2.3:a:samba:samba:2.2a:::::::* cpe:2.3:a:samba:samba:3.0.14:::::::* cpe:2.3:a:samba:samba:3.0.2a:::::::* cpe:2.3:a:samba:samba:3.0.23b:::::::* cpe:2.3:a:samba:samba:3.2.4:::::::* cpe:2.3:a:samba:samba:1.9.17:p5:::::: cpe:2.3:a:samba:samba:3.2.15:::::::* cpe:2.3:a:samba:samba:3.0.25b:::::::* cpe:2.3:a:samba:samba:3.4:::::::* cpe:2.3:a:samba:samba:3.0.25:rc1:::::: cpe:2.3:a:samba:samba:3.2.13:::::::* cpe:2.3:a:samba:samba:3.0.20a:::::::* cpe:2.3:a:samba:samba:3.0.21a:::::::* cpe:2.3:a:samba:samba:3.0.27:::::::* cpe:2.3:a:samba:samba:3.2.11:::::::* cpe:2.3:a:samba:samba:3.2.6:::::::* cpe:2.3:a:samba:samba:3.1.0:::::::* cpe:2.3:a:samba:samba:3.3.11:::::::* cpe:2.3:a:samba:samba:3.4.0:::::::* cpe:2.3:a:samba:samba:3.0.28a:::::::* cpe:2.3:a:samba:samba:2.0.1:::::::* cpe:2.3:a:samba:samba:2.2.1a:::::::* cpe:2.3:a:samba:samba:2.2.9:::::::* cpe:2.3:a:samba:samba:3.0.25:pre1:::::: cpe:2.3:a:samba:samba:2.0.2:::::::* cpe:2.3:a:samba:samba:3.4.2:::::::* cpe:2.3:a:samba:samba:1.9.18:p7:::::: cpe:2.3:a:samba:samba:3.2.3:::::::* cpe:2.3:a:samba:samba:3.0.23c:::::::* cpe:2.3:a:samba:samba:3.2.5:::::::* cpe:2.3:a:samba:samba:2.2.8:::::::* cpe:2.3:a:samba:samba:2.0.5a:::::::* cpe:2.3:a:samba:samba:2.0.3:::::::* cpe:2.3:a:samba:samba:3.0.20b:::::::* cpe:2.3:a:samba:samba:3.0.0:::::::* cpe:2.3:a:samba:samba:3.0.25a:::::::* cpe:2.3:a:samba:samba:3.3.2:::::::* cpe:2.3:a:samba:samba:3.0.30:::::::* cpe:2.3:a:samba:samba:3.0.32:::::::* cpe:2.3:a:samba:samba:2.2.2:::::::* cpe:2.3:a:samba:samba:1.9.17:p1:::::: cpe:2.3:a:samba:samba:3.0.25:::::::* cpe:2.3:a:samba:samba:3.0.12:::::::* cpe:2.3:a:samba:samba:1.9.17:p3:::::: cpe:2.3:a:samba:samba:2.2.1:::::::* cpe:2.3:a:samba:samba:2.2.11:::::::* cpe:2.3:a:samba:samba:1.9.18:p5:::::: cpe:2.3:a:samba:samba:3.2.9:::::::* cpe:2.3:a:samba:samba:3.0.13:::::::* cpe:2.3:a:samba:samba:3.3.1:::::::* cpe:2.3:a:samba:samba:3.3.12:::::::* cpe:2.3:a:samba:samba:3.0.23d:::::::* cpe:2.3:a:samba:samba:2.0.9:::::::* cpe:2.3:a:samba:samba:2.2.7:::::::* cpe:2.3:a:samba:samba:2.2.3a:::::::* cpe:2.3:a:samba:samba:3.0.4:rc1:::::: cpe:2.3:a:samba:samba:3.0.15:::::::* cpe:2.3:a:samba:samba:3.2.2:::::::* cpe:2.3:a:samba:samba:2.2.0:::::::* cpe:2.3:a:samba:samba:2.2.7a:::::::* cpe:2.3:a:samba:samba:3.2.1:::::::* cpe:2.3:a:samba:samba:3.2.14:::::::* cpe:2.3:a:samba:samba:3.0.10:::::::* cpe:2.3:a:samba:samba:3.3.6:::::::* cpe:2.3:a:samba:samba:3.4.7:::::::* cpe:2.3:a:samba:samba:1.9.18:p1:::::: cpe:2.3:a:samba:samba:3.2.12:::::::* cpe:2.3:a:samba:samba:3.3.4:::::::* cpe:2.3:a:samba:samba:3.0.22:::::::* cpe:2.3:a:samba:samba:3.2:::::::* cpe:2.3:a:samba:samba:3.4.5:::::::* cpe:2.3:a:samba:samba:2.2.6:::::::* cpe:2.3:a:samba:samba:2.0.0:::::::* cpe:2.3:a:samba:samba:2.2.12:::::::* cpe:2.3:a:samba:samba:3.0.34:::::::* cpe:2.3:a:samba:samba:3.5.3:::::::* cpe:2.3:a:samba:samba:3.4.6:::::::* cpe:2.3:a:samba:samba:3.0.23a:::::::* cpe:2.3:a:samba:samba:3.0.35:::::::* cpe:2.3:a:samba:samba:1.9.18:p6:::::: cpe:2.3:a:samba:samba:3.0.36:::::::* cpe:2.3:a:samba:samba:3.2.7:::::::* cpe:2.3:a:samba:samba:3.0.26:::::::* cpe:2.3:a:samba:samba:2.0.4:::::::* cpe:2.3:a:samba:samba:2.2.0a:::::::* cpe:2.3:a:samba:samba:3.5.2:::::::* cpe:2.3:a:samba:samba:3.0.29:::::::* cpe:2.3:a:samba:samba:3.0.26a:::::::* cpe:2.3:a:samba:samba:3.0.28:::::::* cpe:2.3:a:samba:samba:3.0.20:::::::* cpe:2.3:a:samba:samba:2.0:::::::* cpe:2.3:a:samba:samba:3.0.4:::::::* cpe:2.3:a:samba:samba:3.0.8:::::::* cpe:2.3:a:samba:samba:1.9.17:p2:::::: cpe:2.3:a:samba:samba:3.5:::::::* cpe:2.3:a:samba:samba:3.0.18:::::::* cpe:2.3:a:samba:samba:3.0.31:::::::* cpe:2.3:a:samba:samba:3.3:::::::* cpe:2.3:a:samba:samba:1.9.18:p2:::::: cpe:2.3:a:samba:samba:2.0.5:::::::* cpe:2.3:a:samba:samba:2.0.8:::::::* cpe:2.3:a:samba:samba:3.0.24:::::::* cpe:2.3:a:samba:samba:3.3.10:::::::* cpe:2.3:a:samba:samba:3.2.8:::::::* cpe:2.3:a:samba:samba:3.0.11:::::::* cpe:2.3:a:samba:samba:3.0.19:::::::* cpe:2.3:a:samba:samba:2.2.3:::::::* cpe:2.3:a:samba:samba:1.9.17:p4:::::: cpe:2.3:a:samba:samba:3.0.6:::::::* cpe:2.3:a:samba:samba:3.0.25c:::::::* cpe:2.3:a:samba:samba:3.3.5:::::::* cpe:2.3:a:samba:samba:3.0.33:::::::* cpe:2.3:a:samba:samba:3.4.3:::::::* cpe:2.3:a:samba:samba:1.9.18:p8:::::: cpe:2.3:a:samba:samba:2.2.8a:::::::* cpe:2.3:a:samba:samba:3.0.25:pre2:::::: cpe:2.3:a:samba:samba:3.0.2:::::::* cpe:2.3:a:samba:samba:1.9.18:p3:::::: cpe:2.3:a:samba:samba:3.0.3:::::::* cpe:2.3:a:samba:samba:3.0.21b:::::::* cpe:2.3:a:samba:samba:2.2.5:::::::* cpe:2.3:a:samba:samba:3.3.9:::::::* cpe:2.3:a:samba:samba:3.0.25:rc2:::::: cpe:2.3:a:samba:samba:3.0.1:::::::* cpe:2.3:a:samba:samba:3.0.21:::::::* cpe:2.3:a:samba:samba:1.9.18:::::::* cpe:2.3:a:samba:samba:3.3.3:::::::* cpe:2.3:a:samba:samba:3.0.37:::::::* cpe:2.3:a:samba:samba:3.5.1:::::::* cpe:2.3:a:samba:samba:1.9.17:::::::* cpe:2.3:a:samba:samba:3.0.7:::::::* cpe:2.3:a:samba:samba:3.2.0:::::::* cpe:2.3:a:samba:samba:3.0.14a:::::::* cpe:2.3:a:samba:samba:1.9.18:p10:::::: cpe:2.3:a:samba:samba:3.0.21c:::::::* cpe:2.3:a:samba:samba:3.0.9:::::::* cpe:2.3:a:samba:samba:3.3.7:::::::* cpe:2.3:a:samba:samba:3.0.25:rc3:::::: cpe:2.3:a:samba:samba:3.0.23:::::::* cpe:2.3:a:samba:samba:1.9.18:p4:::::: cpe:2.3:a:samba:samba:3.3.8:::::::* cpe:2.3:a:samba:samba:3.0.5:::::::* cpe:2.3:a:samba:samba:2.2.10:::::::* cpe:2.3:a:samba:samba:3.0.27a:::::::* cpe:2.3:a:samba:samba:2.0.7:::::::* cpe:2.3:a:samba:samba:3.2.10:::::::* cpe:2.3:a:samba:samba:3.4.4:::::::* cpe:2.3:a:samba:samba:3.4.1:::::::* cpe:2.3:a:samba:samba:2.0.6:::::::* cpe:2.3:a:samba:samba:2.2.4:::::::* cpe:2.3:a:samba:samba:3.0.17:::::::* cpe:2.3:a:samba:samba:2.18.3:::::::* cpe:2.3:a:samba:samba:3.5.0:::::::* cpe:2.3:a:samba:samba:3.3.0:::::::* cpe:2.3:a:samba:samba:2.0.10:::::::* cpe:2.3:a:samba:samba:3.0.16:::::::*	cpe:2.3:o:canonical:ubuntu_linux:9.04:::::::* cpe:2.3:o:canonical:ubuntu_linux:8.04::::-::: cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::* cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
References	~~(XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/61773 -~~	(XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/61773 - VDB Entry
References	~~(HP) http://marc.info/?l=bugtraq&m=130835366526620&w=2 -~~	(HP) http://marc.info/?l=bugtraq&m=130835366526620&w=2 - Mailing List, Third Party Advisory
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html - Mailing List, Third Party Advisory
References	~~(BID) http://www.securityfocus.com/bid/43212 -~~	(BID) http://www.securityfocus.com/bid/43212 - Third Party Advisory, VDB Entry
References	~~(SECTRACK) http://www.securitytracker.com/id?1024434 -~~	(SECTRACK) http://www.securitytracker.com/id?1024434 - Third Party Advisory, VDB Entry
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html - Mailing List, Third Party Advisory
References	~~(CONFIRM) http://www.vmware.com/security/advisories/VMSA-2010-0019.html -~~	(CONFIRM) http://www.vmware.com/security/advisories/VMSA-2010-0019.html - Permissions Required, Third Party Advisory
References	~~(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047650.html -~~	(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047650.html - Mailing List, Third Party Advisory
References	~~(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047758.html -~~	(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047758.html - Mailing List, Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/42885 -~~	(SECUNIA) http://secunia.com/advisories/42885 - Third Party Advisory
References	~~(REDHAT) http://www.redhat.com/support/errata/RHSA-2010-0860.html -~~	(REDHAT) http://www.redhat.com/support/errata/RHSA-2010-0860.html - Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/41447 - Vendor Advisory~~	(SECUNIA) http://secunia.com/advisories/41447 - Third Party Advisory
References	~~(APPLE) http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html -~~	(APPLE) http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html - Mailing List, Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/42531 -~~	(SECUNIA) http://secunia.com/advisories/42531 - Third Party Advisory
References	~~(CONFIRM) http://support.apple.com/kb/HT4581 -~~	(CONFIRM) http://support.apple.com/kb/HT4581 - Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/41354 - Vendor Advisory~~	(SECUNIA) http://secunia.com/advisories/41354 - Third Party Advisory
References	~~(APPLE) http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html -~~	(APPLE) http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html - Mailing List, Third Party Advisory
References	~~(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047697.html -~~	(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047697.html - Mailing List, Third Party Advisory
References	~~(BUGTRAQ) http://www.securityfocus.com/archive/1/515055/100/0/threaded -~~	(BUGTRAQ) http://www.securityfocus.com/archive/1/515055/100/0/threaded - Third Party Advisory, VDB Entry
References	~~(UBUNTU) http://www.ubuntu.com/usn/USN-987-1 -~~	(UBUNTU) http://www.ubuntu.com/usn/USN-987-1 - Third Party Advisory
References	~~(VUPEN) http://www.vupen.com/english/advisories/2011/0091 -~~	(VUPEN) http://www.vupen.com/english/advisories/2011/0091 - Permissions Required
References	~~(VUPEN) http://www.vupen.com/english/advisories/2010/2378 - Patch, Vendor Advisory~~	(VUPEN) http://www.vupen.com/english/advisories/2010/2378 - Permissions Required
References	~~(VUPEN) http://www.vupen.com/english/advisories/2010/3126 -~~	(VUPEN) http://www.vupen.com/english/advisories/2010/3126 - Permissions Required
References	~~(CONFIRM) http://us1.samba.org/samba/history/samba-3.5.5.html -~~	(CONFIRM) http://us1.samba.org/samba/history/samba-3.5.5.html - Vendor Advisory
References	~~(CONFIRM) http://support.apple.com/kb/HT4723 -~~	(CONFIRM) http://support.apple.com/kb/HT4723 - Third Party Advisory

7.5 /10