exploit the possibilities
Showing 1 - 6 of 6 RSS Feed

CVE-2011-2724

Status Candidate

Overview

The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547.

Related Files

Gentoo Linux Security Advisory 201206-22
Posted Jun 24, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-22 - Multiple vulnerabilities have been found in Samba, the worst of which may allow execution of arbitrary code with root privileges. Versions less than 3.5.15 are affected.

tags | advisory, arbitrary, root, vulnerability
systems | linux, gentoo
advisories | CVE-2009-2906, CVE-2009-2948, CVE-2010-0728, CVE-2010-1635, CVE-2010-1642, CVE-2010-2063, CVE-2010-3069, CVE-2011-0719, CVE-2011-1678, CVE-2011-2724, CVE-2012-0870, CVE-2012-1182, CVE-2012-2111
MD5 | d09ac67d577b9ebfc89bc15fa631a991
Mandriva Linux Security Advisory 2011-148
Posted Oct 12, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-148 - Multiple vulnerabilities has been discovered and corrected in samba/cifs-utils. smbfs in Samba 3.5.8 and earlier attempts to use mount.cifs to append to the /etc/mtab file and umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the mountpoint strings are composed of valid characters, which allows local users to cause a denial of service via a crafted string. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547. Additionally for Mandriva Linux 2010.2 the cifs-utils package has been upgraded to the 4.8.1 version that brings numerous additional fixes.

tags | advisory, denial of service, local, vulnerability
systems | linux, mandriva
advisories | CVE-2011-1678, CVE-2011-2724
MD5 | f663d6b0ff69a77f77548072eb9d3b7d
Ubuntu Security Notice USN-1226-2
Posted Oct 4, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1226-2 - Dan Rosenberg discovered that cifs-utils incorrectly handled changes to the mtab file. A local attacker could use this issue to corrupt the mtab file, possibly leading to a denial of service. Jan Lieskovsky discovered that cifs-utils incorrectly filtered certain strings being added to the mtab file. A local attacker could use this issue to corrupt the mtab file, possibly leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-1678, CVE-2011-2724
MD5 | 7c0ac19cfa14571314dadee567959060
Ubuntu Security Notice USN-1226-1
Posted Oct 4, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1226-1 - Dan Rosenberg discovered that Samba incorrectly handled changes to the mtab file. A local attacker could use this issue to corrupt the mtab file, possibly leading to a denial of service. Jan Lieskovsky discovered that Samba incorrectly filtered certain strings being added to the mtab file. A local attacker could use this issue to corrupt the mtab file, possibly leading to a denial of service. This issue only affected Ubuntu 10.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-1678, CVE-2011-2724, CVE-2011-3585
MD5 | 08ee2079bd791465caba06ce4ad47511
Red Hat Security Advisory 2011-1221-01
Posted Aug 30, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1221-01 - Samba is a suite of programs used by machines to share files, printers, and other information. The cifs-utils package contains utilities for mounting and managing CIFS shares. A cross-site scripting flaw was found in the password change page of the Samba Web Administration Tool. If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the context of the user's SWAT session. It was found that SWAT web pages did not protect against Cross-Site Request Forgery attacks. If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a specially-crafted URL, the attacker could perform Samba configuration changes with the privileges of the logged in user.

tags | advisory, remote, web, arbitrary, xss, csrf
systems | linux, redhat
advisories | CVE-2011-1678, CVE-2011-2522, CVE-2011-2694, CVE-2011-2724
MD5 | d9801246e743b4d38706fb1f357c2111
Red Hat Security Advisory 2011-1220-01
Posted Aug 29, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1220-01 - Samba is a suite of programs used by machines to share files, printers, and other information. A cross-site scripting flaw was found in the password change page of the Samba Web Administration Tool. If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the context of the user's SWAT session. It was found that SWAT web pages did not protect against Cross-Site Request Forgery attacks. If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a specially-crafted URL, the attacker could perform Samba configuration changes with the privileges of the logged in user.

tags | advisory, remote, web, arbitrary, xss, csrf
systems | linux, redhat
advisories | CVE-2011-1678, CVE-2011-2522, CVE-2011-2694, CVE-2011-2724
MD5 | a5bf4c36fe233c02cd424d5b58288e3f
Page 1 of 1
Back1Next

File Archive:

December 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    1 Files
  • 2
    Dec 2nd
    16 Files
  • 3
    Dec 3rd
    17 Files
  • 4
    Dec 4th
    23 Files
  • 5
    Dec 5th
    11 Files
  • 6
    Dec 6th
    9 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close