PT-2010-5677 · Samba+2 · Libtalloc1-32Bit+19

Florian Weimer +1 · Published 1970-01-01 · Updated 2024-06-15 · CVE-2010-0787

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

mount-cifs versions 3.0.30 and earlier
Samba versions 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5
libsmbclient-64bit (affected versions not specified)
libsmbclient0-64bit (affected versions not specified)
libtalloc1-32bit (affected versions not specified)
libtalloc1-64bit (affected versions not specified)
libtdb1-64bit (affected versions not specified)
libwbclient0-64bit (affected versions not specified)
samba-client-64bit (affected versions not specified)
samba-pdb (affected versions not specified)
samba-python (affected versions not specified)
samba-vscan (affected versions not specified)
samba-winbind-64bit (affected versions not specified)
cifs-mount (affected versions not specified)
libsmbclient (affected versions not specified)
libsmbclient-x86 (affected versions not specified)
libsmbsharemodes (affected versions not specified)
libmsrpc (affected versions not specified)
libmsrpc-devel (affected versions not specified)
samba-64bit (affected versions not specified)

Description

The issue concerns multiple vulnerabilities in various packages of the Samba software and related components, which can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited locally or remotely. The exploitation may allow attackers to gain privileges or disrupt the system. Technical details about the exploitation include the possibility of a symlink attack on the mountpoint directory file in the mount.cifs component.

Recommendations

For mount-cifs version 3.0.30 and earlier, update to a version later than 3.0.30.

For Samba versions 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5, update to a version later than 3.4.5.

For libsmbclient-64bit, libsmbclient0-64bit, libtalloc1-32bit, libtalloc1-64bit, libtdb1-64bit, libwbclient0-64bit, samba-client-64bit, samba-pdb, samba-python, samba-vscan, samba-winbind-64bit, cifs-mount, libsmbclient, libsmbclient-x86, libsmbsharemodes, libmsrpc, libmsrpc-devel, and samba-64bit, update to the latest available version.

As a temporary workaround, consider restricting access to the vulnerable components until a patch is available.

Fix

RCE

Link Following


Weakness Enumeration

Related identifiers

BDU:2015-04574
BDU:2015-04575
BDU:2015-04576
BDU:2015-04577
BDU:2015-05281
BDU:2015-05282
BDU:2015-05283
BDU:2015-05284
BDU:2015-05285
BDU:2015-05286
BDU:2015-05287
BDU:2015-05288
BDU:2015-05289
BDU:2015-05290
BDU:2015-05291
BDU:2015-05292
BDU:2015-05293
BDU:2015-05294
BDU:2015-05295
BDU:2015-05296
BDU:2015-05297
BDU:2015-05298
BDU:2015-05299
BDU:2015-05300
BDU:2015-05301
BDU:2015-09651
CVE-2010-0787
DSA-2004-1
ECHO-AF91-6CD2-31FD
OPENSUSE-SU-2024:10069-1
OPENSUSE-SU-2024:10334-1
RHSA-2011:1219
RHSA-2011_1219

Affected products

Red Hat
Samba
Suse
Mount-Cifs
Libmsrpc
Libmsrpc-Devel
Libsmbclient
Libsmbclient-64Bit
Libsmbclient-X86
Libsmbclient0-64Bit
Libsmbsharemodes
Libtalloc1-32Bit
Libtalloc1-64Bit
Libtdb1-64Bit
Samba-64Bit
Samba-Client-64Bit
Samba-Pdb
Samba-Python
Samba-Vscan
Samba-Winbind-64Bit