CVE-2010-0547

client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
VendorProductVersion
sambasamba
𝑥
≤ 3.4.5
sambasamba
1.9.17
sambasamba
1.9.17:p1
sambasamba
1.9.17:p2
sambasamba
1.9.17:p3
sambasamba
1.9.17:p4
sambasamba
1.9.17:p5
sambasamba
1.9.18
sambasamba
1.9.18:p1
sambasamba
1.9.18:p10
sambasamba
1.9.18:p2
sambasamba
1.9.18:p3
sambasamba
1.9.18:p4
sambasamba
1.9.18:p5
sambasamba
1.9.18:p6
sambasamba
1.9.18:p7
sambasamba
1.9.18:p8
sambasamba
2.2.0
sambasamba
2.2.0a:a
sambasamba
2.2.1
sambasamba
2.2.1a:a
sambasamba
2.2.2
sambasamba
2.2.3
sambasamba
2.2.3a:a
sambasamba
2.2.4
sambasamba
2.2.5
sambasamba
2.2.6
sambasamba
2.2.7
sambasamba
2.2.7a:a
sambasamba
2.2.8
sambasamba
2.2.8a:a
sambasamba
2.2.9
sambasamba
2.2.10
sambasamba
2.2.11
sambasamba
2.2.12
sambasamba
2.2a:a
sambasamba
3.0.0
sambasamba
3.0.1
sambasamba
3.0.2
sambasamba
3.0.2a:a
sambasamba
3.0.3
sambasamba
3.0.4
sambasamba
3.0.4:rc1
sambasamba
3.0.5
sambasamba
3.0.6
sambasamba
3.0.8
sambasamba
3.0.9
sambasamba
3.0.10
sambasamba
3.0.11
sambasamba
3.0.12
sambasamba
3.0.13
sambasamba
3.0.14
sambasamba
3.0.14a:a
sambasamba
3.0.20
sambasamba
3.0.20a:a
sambasamba
3.0.20b:b
sambasamba
3.0.21
sambasamba
3.0.21a:a
sambasamba
3.0.21b:b
sambasamba
3.0.21c:c
sambasamba
3.0.22
sambasamba
3.0.23
sambasamba
3.0.23a:a
sambasamba
3.0.23b:b
sambasamba
3.0.23c:c
sambasamba
3.0.23d:d
sambasamba
3.0.24
sambasamba
3.0.25
sambasamba
3.0.25:pre1
sambasamba
3.0.25:pre2
sambasamba
3.0.25:rc1
sambasamba
3.0.25:rc2
sambasamba
3.0.25:rc3
sambasamba
3.0.25a:a
sambasamba
3.0.25b:b
sambasamba
3.0.25c:c
sambasamba
3.0.26
sambasamba
3.0.26a:a
sambasamba
3.0.27
sambasamba
3.0.27a:a
sambasamba
3.0.28
sambasamba
3.0.28a:a
sambasamba
3.0.29
sambasamba
3.0.30
sambasamba
3.0.31
sambasamba
3.0.32
sambasamba
3.0.33
sambasamba
3.0.34
sambasamba
3.0.35
sambasamba
3.0.36
sambasamba
3.0.37
sambasamba
3.2.0
sambasamba
3.2.1
sambasamba
3.2.2
sambasamba
3.2.3
sambasamba
3.2.4
sambasamba
3.2.5
sambasamba
3.2.6
sambasamba
3.2.7
sambasamba
3.2.8
sambasamba
3.2.9
sambasamba
3.2.10
sambasamba
3.2.11
sambasamba
3.2.12
sambasamba
3.2.13
sambasamba
3.2.14
sambasamba
3.2.15
sambasamba
3.3.0
sambasamba
3.3.1
sambasamba
3.3.2
sambasamba
3.3.3
sambasamba
3.3.4
sambasamba
3.3.5
sambasamba
3.3.6
sambasamba
3.3.7
sambasamba
3.3.8
sambasamba
3.3.9
sambasamba
3.3.10
sambasamba
3.4.0
sambasamba
3.4.1
sambasamba
3.4.2
sambasamba
3.4.3
sambasamba
3.4.4
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
samba
bullseye (security)
2:4.13.13+dfsg-1~deb11u6
fixed
bullseye
2:4.13.13+dfsg-1~deb11u6
fixed
bookworm
2:4.17.12+dfsg-0+deb12u1
fixed
bookworm (security)
2:4.17.12+dfsg-0+deb12u1
fixed
sid
2:4.21.1+dfsg-2
fixed
trixie
2:4.21.1+dfsg-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
samba
karmic
Fixed 2:3.4.0-3ubuntu5.4
released
jaunty
Fixed 2:3.3.2-1ubuntu3.3
released
intrepid
Fixed 2:3.2.3-1ubuntu3.7
released
hardy
Fixed 3.0.28a-1ubuntu4.10
released
dapper
Fixed 3.0.22-1ubuntu3.10
released
Common Weakness Enumeration
References
http://git.samba.org/?p=samba.git%3Ba=commit%3Bh=a065c177dfc8f968775593ba00dffafeebb2e054
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://secunia.com/advisories/39317
http://security.gentoo.org/glsa/glsa-201206-29.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2010:090
http://www.securityfocus.com/bid/38326
http://www.vupen.com/english/advisories/2010/1062
http://git.samba.org/?p=samba.git%3Ba=commit%3Bh=a065c177dfc8f968775593ba00dffafeebb2e054
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://secunia.com/advisories/39317
http://security.gentoo.org/glsa/glsa-201206-29.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2010:090
http://www.securityfocus.com/bid/38326
http://www.vupen.com/english/advisories/2010/1062