CVE-2011-2724

EUVD-2011-2702
The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.  NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
1.2 UNKNOWN
LOCAL
HIGH
AV:L/AC:H/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
Affected Products (NVD)
VendorProductVersion
sambasamba
𝑥
≤ 3.5.10
sambasamba
1.9.17
sambasamba
1.9.17:p1
sambasamba
1.9.17:p2
sambasamba
1.9.17:p3
sambasamba
1.9.17:p4
sambasamba
1.9.17:p5
sambasamba
1.9.18
sambasamba
1.9.18:p1
sambasamba
1.9.18:p10
sambasamba
1.9.18:p2
sambasamba
1.9.18:p3
sambasamba
1.9.18:p4
sambasamba
1.9.18:p5
sambasamba
1.9.18:p6
sambasamba
1.9.18:p7
sambasamba
1.9.18:p8
sambasamba
2.0
sambasamba
2.0.0
sambasamba
2.0.1
sambasamba
2.0.2
sambasamba
2.0.3
sambasamba
2.0.4
sambasamba
2.0.5
sambasamba
2.0.5:a
sambasamba
2.0.5a:a
sambasamba
2.0.6
sambasamba
2.0.7
sambasamba
2.0.8
sambasamba
2.0.9
sambasamba
2.0.10
sambasamba
2.2:a
sambasamba
2.2.0
sambasamba
2.2.0:a
sambasamba
2.2.0a:a
sambasamba
2.2.1
sambasamba
2.2.1:a
sambasamba
2.2.1a:a
sambasamba
2.2.2
sambasamba
2.2.3
sambasamba
2.2.3:a
sambasamba
2.2.3a:a
sambasamba
2.2.4
sambasamba
2.2.5
sambasamba
2.2.6
sambasamba
2.2.7
sambasamba
2.2.7:a
sambasamba
2.2.7a:a
sambasamba
2.2.8
sambasamba
2.2.8:a
sambasamba
2.2.8a:a
sambasamba
2.2.9
sambasamba
2.2.10
sambasamba
2.2.11
sambasamba
2.2.12
sambasamba
2.2a:a
sambasamba
2.18.3
sambasamba
3.0.0
sambasamba
3.0.1
sambasamba
3.0.2
sambasamba
3.0.2:a
sambasamba
3.0.2a:a
sambasamba
3.0.3
sambasamba
3.0.4
sambasamba
3.0.4:rc1
sambasamba
3.0.5
sambasamba
3.0.6
sambasamba
3.0.7
sambasamba
3.0.8
sambasamba
3.0.9
sambasamba
3.0.10
sambasamba
3.0.11
sambasamba
3.0.12
sambasamba
3.0.13
sambasamba
3.0.14
sambasamba
3.0.14:a
sambasamba
3.0.14a:a
sambasamba
3.0.15
sambasamba
3.0.16
sambasamba
3.0.17
sambasamba
3.0.18
sambasamba
3.0.19
sambasamba
3.0.20
sambasamba
3.0.20:a
sambasamba
3.0.20:b
sambasamba
3.0.20a:a
sambasamba
3.0.20b:b
sambasamba
3.0.21
sambasamba
3.0.21:a
sambasamba
3.0.21:b
sambasamba
3.0.21:c
sambasamba
3.0.21a:a
sambasamba
3.0.21b:b
sambasamba
3.0.21c:c
sambasamba
3.0.22
sambasamba
3.0.23
sambasamba
3.0.23:a
sambasamba
3.0.23:b
sambasamba
3.0.23:c
sambasamba
3.0.23:d
sambasamba
3.0.23a:a
sambasamba
3.0.23b:b
sambasamba
3.0.23c:c
sambasamba
3.0.23d:d
sambasamba
3.0.24
sambasamba
3.0.25
sambasamba
3.0.25:a
sambasamba
3.0.25:b
sambasamba
3.0.25:c
sambasamba
3.0.25:pre1
sambasamba
3.0.25:pre2
sambasamba
3.0.25:rc1
sambasamba
3.0.25:rc2
sambasamba
3.0.25:rc3
sambasamba
3.0.25a:a
sambasamba
3.0.25b:b
sambasamba
3.0.25c:c
sambasamba
3.0.26
sambasamba
3.0.26:a
sambasamba
3.0.26a:a
sambasamba
3.0.27
sambasamba
3.0.27:a
sambasamba
3.0.28
sambasamba
3.0.28:a
sambasamba
3.0.29
sambasamba
3.0.30
sambasamba
3.0.31
sambasamba
3.0.32
sambasamba
3.0.33
sambasamba
3.0.34
sambasamba
3.0.35
sambasamba
3.0.36
sambasamba
3.0.37
sambasamba
3.1.0
sambasamba
3.2.0
sambasamba
3.2.1
sambasamba
3.2.2
sambasamba
3.2.3
sambasamba
3.2.4
sambasamba
3.2.5
sambasamba
3.2.6
sambasamba
3.2.7
sambasamba
3.2.8
sambasamba
3.2.9
sambasamba
3.2.10
sambasamba
3.2.11
sambasamba
3.2.12
sambasamba
3.2.13
sambasamba
3.2.14
sambasamba
3.2.15
sambasamba
3.3.0
sambasamba
3.3.1
sambasamba
3.3.2
sambasamba
3.3.3
sambasamba
3.3.4
sambasamba
3.3.5
sambasamba
3.3.6
sambasamba
3.3.7
sambasamba
3.3.8
sambasamba
3.3.9
sambasamba
3.3.10
sambasamba
3.3.11
sambasamba
3.3.12
sambasamba
3.3.13
sambasamba
3.3.14
sambasamba
3.3.15
sambasamba
3.3.16
sambasamba
3.4.0
sambasamba
3.4.1
sambasamba
3.4.2
sambasamba
3.4.3
sambasamba
3.4.4
sambasamba
3.4.5
sambasamba
3.4.6
sambasamba
3.4.7
sambasamba
3.4.8
sambasamba
3.4.9
sambasamba
3.4.10
sambasamba
3.4.11
sambasamba
3.4.12
sambasamba
3.4.13
sambasamba
3.4.14
sambasamba
3.5.0
sambasamba
3.5.1
sambasamba
3.5.2
sambasamba
3.5.3
sambasamba
3.5.4
sambasamba
3.5.5
sambasamba
3.5.6
sambasamba
3.5.7
sambasamba
3.5.8
sambasamba
3.5.9
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
cifs-utils
bookworm
2:7.0-2
fixed
bullseye
2:6.11-3.1+deb11u2
fixed
bullseye (security)
2:6.11-3.1+deb11u1
fixed
sid
2:7.0-2.1
fixed
trixie
2:7.0-2.1
fixed
samba
bookworm
2:4.17.12+dfsg-0+deb12u1
fixed
bookworm (security)
2:4.17.12+dfsg-0+deb12u1
fixed
bullseye
2:4.13.13+dfsg-1~deb11u6
fixed
bullseye (security)
2:4.13.13+dfsg-1~deb11u6
fixed
sid
2:4.21.1+dfsg-2
fixed
trixie
2:4.21.1+dfsg-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
cifs-utils
dapper
dne
hardy
dne
karmic
dne
lucid
dne
maverick
Fixed 2:4.5-2ubuntu0.10.10.1
released
natty
Fixed 2:4.5-2ubuntu0.11.04.1
released
samba
dapper
ignored
hardy
not-affected
karmic
ignored
lucid
Fixed 2:3.4.7~dfsg-1ubuntu3.8
released
maverick
not-affected
natty
not-affected
Common Weakness Enumeration
References
http://comments.gmane.org/gmane.linux.kernel.cifs/3827
http://git.samba.org/?p=cifs-utils.git%3Ba=commit%3Bh=1e7a32924b22d1f786b6f490ce8590656f578f91
http://openwall.com/lists/oss-security/2011/07/29/9
http://secunia.com/advisories/45798
http://www.mandriva.com/security/advisories?name=MDVSA-2011:148
http://www.redhat.com/support/errata/RHSA-2011-1220.html
http://www.redhat.com/support/errata/RHSA-2011-1221.html
http://www.securitytracker.com/id?1025984
https://bugzilla.redhat.com/show_bug.cgi?id=726691
http://comments.gmane.org/gmane.linux.kernel.cifs/3827
http://git.samba.org/?p=cifs-utils.git%3Ba=commit%3Bh=1e7a32924b22d1f786b6f490ce8590656f578f91
http://openwall.com/lists/oss-security/2011/07/29/9
http://secunia.com/advisories/45798
http://www.mandriva.com/security/advisories?name=MDVSA-2011:148
http://www.redhat.com/support/errata/RHSA-2011-1220.html
http://www.redhat.com/support/errata/RHSA-2011-1221.html
http://www.securitytracker.com/id?1025984
https://bugzilla.redhat.com/show_bug.cgi?id=726691