CVE-2010-3069 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:P/I:P/A:P

Base Score

CVSS 3.x

EPSS Score

Percentile: 94%

Affected Products (NVD)

Vendor	Product	Version
samba	samba	3.0.0 ≤ 𝑥 ≤ 3.3.14
samba	samba	3.4.0 ≤ 𝑥 < 3.4.9
samba	samba	3.5.0 ≤ 𝑥 < 3.5.5
canonical	ubuntu_linux	6.06
canonical	ubuntu_linux	8.04
canonical	ubuntu_linux	9.04
canonical	ubuntu_linux	9.10
canonical	ubuntu_linux	10.04

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

samba

bookworm	2:4.17.12+dfsg-0+deb12u1 fixed
bookworm (security)	2:4.17.12+dfsg-0+deb12u1 fixed
bullseye	2:4.13.13+dfsg-1~deb11u6 fixed
bullseye (security)	2:4.13.13+dfsg-1~deb11u6 fixed
sid	2:4.21.1+dfsg-2 fixed
trixie	2:4.21.1+dfsg-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

samba

dapper	Fixed 3.0.22-1ubuntu3.13 released
hardy	Fixed 3.0.28a-1ubuntu4.13 released
jaunty	Fixed 2:3.3.2-1ubuntu3.6 released
karmic	Fixed 2:3.4.0-3ubuntu5.7 released
lucid	Fixed 2:3.4.7~dfsg-1ubuntu3.2 released

Red Hat Enterprise Linux Releases

Red Hat Product

Release

libsmbclient

RHEL 6

0:3.5.4-68.el6_0.1

fixed

libsmbclient-devel

RHEL 6

0:3.5.4-68.el6_0.1

fixed

samba

RHEL 6

0:3.5.4-68.el6_0.1

fixed

samba-client

RHEL 6

0:3.5.4-68.el6_0.1

fixed

samba-common

RHEL 6

0:3.5.4-68.el6_0.1

fixed

samba-doc

RHEL 6

0:3.5.4-68.el6_0.1

fixed

samba-domainjoin-gui

RHEL 6

0:3.5.4-68.el6_0.1

fixed

samba-swat

RHEL 6

0:3.5.4-68.el6_0.1

fixed

samba-winbind

RHEL 6

0:3.5.4-68.el6_0.1

fixed

samba-winbind-clients

RHEL 6

0:3.5.4-68.el6_0.1

fixed

samba-winbind-devel

RHEL 6

0:3.5.4-68.el6_0.1

fixed

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html

http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047650.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047697.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047758.html

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

http://marc.info/?l=bugtraq&m=130835366526620&w=2

http://secunia.com/advisories/41354

http://secunia.com/advisories/41447

http://secunia.com/advisories/42531

http://secunia.com/advisories/42885

http://support.apple.com/kb/HT4581

http://support.apple.com/kb/HT4723

http://us1.samba.org/samba/history/samba-3.5.5.html

http://us1.samba.org/samba/security/CVE-2010-3069.html

http://www.redhat.com/support/errata/RHSA-2010-0860.html

http://www.securityfocus.com/archive/1/515055/100/0/threaded

http://www.securityfocus.com/bid/43212

http://www.securitytracker.com/id?1024434

http://www.ubuntu.com/usn/USN-987-1

http://www.vmware.com/security/advisories/VMSA-2010-0019.html

http://www.vupen.com/english/advisories/2010/2378

http://www.vupen.com/english/advisories/2010/3126

http://www.vupen.com/english/advisories/2011/0091

https://exchange.xforce.ibmcloud.com/vulnerabilities/61773

http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html

http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047650.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047697.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047758.html

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

http://marc.info/?l=bugtraq&m=130835366526620&w=2

http://secunia.com/advisories/41354

http://secunia.com/advisories/41447

http://secunia.com/advisories/42531

http://secunia.com/advisories/42885

http://support.apple.com/kb/HT4581

http://support.apple.com/kb/HT4723

http://us1.samba.org/samba/history/samba-3.5.5.html

http://us1.samba.org/samba/security/CVE-2010-3069.html

http://www.redhat.com/support/errata/RHSA-2010-0860.html

http://www.securityfocus.com/archive/1/515055/100/0/threaded

http://www.securityfocus.com/bid/43212

http://www.securitytracker.com/id?1024434

http://www.ubuntu.com/usn/USN-987-1

http://www.vmware.com/security/advisories/VMSA-2010-0019.html

http://www.vupen.com/english/advisories/2010/2378

http://www.vupen.com/english/advisories/2010/3126

http://www.vupen.com/english/advisories/2011/0091

https://exchange.xforce.ibmcloud.com/vulnerabilities/61773