client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:12
Type | Values Removed | Values Added |
---|---|---|
References | () http://git.samba.org/?p=samba.git%3Ba=commit%3Bh=a065c177dfc8f968775593ba00dffafeebb2e054 - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html - | |
References | () http://secunia.com/advisories/39317 - | |
References | () http://security.gentoo.org/glsa/glsa-201206-29.xml - | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2010:090 - | |
References | () http://www.securityfocus.com/bid/38326 - | |
References | () http://www.vupen.com/english/advisories/2010/1062 - |
07 Nov 2023, 02:05
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2010-02-04 20:15
Updated : 2024-11-21 01:12
NVD link : CVE-2010-0547
Mitre link : CVE-2010-0547
CVE.ORG link : CVE-2010-0547
JSON object : View
Products Affected
samba
- samba
CWE
CWE-20
Improper Input Validation