fkie_cve-2010-1642
Vulnerability from fkie_nvd
Published
2010-06-17 16:30
Modified
2025-04-11 00:51
Severity ?
Summary
The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup AndX request.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6627F8F-50B7-48B7-A071-BEDABD089C15",
"versionEndIncluding": "3.4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F84FB25B-5EA5-48DC-B528-E8CCF714C919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "216145B7-4716-42F7-90DC-03884ECB2271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "898968E5-577E-4B86-A804-EBEC67157A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "920EF846-41D1-429D-AF0F-3D7950F93069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8016DC4F-F410-4401-BDCC-91BE0D44D028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DC94A2CF-85DF-4BB5-8F78-470A3454C3CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "632D2489-3B5E-466E-A6DF-1EF00303869B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC116E5-B739-4E18-AA51-FFF59EBCA08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3D40F682-9F2E-465F-98F7-23E1036C74A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9478CC84-802F-4960-ACAB-3700154E813F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5BEA3806-E33A-49A6-99A4-095B4E543C43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7D08FB-30B9-4E42-B831-21A0C095062C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "13E6C8A4-FA17-44EF-A447-C73108540B59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "57D5EA00-CC2E-4E56-8297-A3C1CEDBBE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "50E05AD3-C7F0-421D-8C9B-604E553332E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3A53517C-F12D-4D74-A722-5AE23598CEC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2BF4A0A7-E176-4009-BAA2-E23B330D91A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*",
"matchCriteriaId": "42EB6115-CC45-4464-8400-D7E3A9402803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "58B06DAF-869F-481B-965D-70353581A6E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF1A1D4-39DE-4227-A6E0-7E7817BDCCE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "84F0E277-09BD-4FA8-B2A3-7E83AD1656BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "9F260B05-3963-49BF-9D96-EB06722C5483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "59A7E91B-7B13-47E5-B8E6-CE7D6DC490F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "F002F105-A911-4E56-8630-C287DC527E05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "D1936E19-9887-4E53-AA0C-738ABD4B97EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*",
"matchCriteriaId": "A2206C09-6A4B-4EC4-A206-E48EDF966913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "0B918306-8743-404D-A035-CC3997ADCC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*",
"matchCriteriaId": "43684906-D3AA-40FB-A75D-ED65C1DC9BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*",
"matchCriteriaId": "62E39538-4811-49DB-97CF-1F018C58BAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*",
"matchCriteriaId": "C85D69FE-AF43-4B0E-A7A9-2D2C16426180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "86347948-C08F-4F02-89A0-4F4A55CD4BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "A908DA9D-A8BD-46BA-A71F-BFDEC0A1341E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.23a:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA7905C-51A0-4A56-A6A5-330288613055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.23b:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE85033-0658-4D60-8C7A-6E2BD63AFDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.23c:*:*:*:*:*:*:*",
"matchCriteriaId": "4600AAA4-834D-4F63-8E9A-88CB555C029E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*",
"matchCriteriaId": "54FE8D2E-AF0D-4C84-A5BC-2CE6759B534C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "8BFA3B82-9440-49E1-8088-FA22C0B7DD88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "0762B1DA-7232-478D-805F-5E2A50F8BEAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.25:pre1:*:*:*:*:*:*",
"matchCriteriaId": "9F22FC74-5999-4158-A253-674BF1C21E2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.25:pre2:*:*:*:*:*:*",
"matchCriteriaId": "0EEB31C4-5352-4905-8D9E-BD754991F07E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.25:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B0BE2AEC-6ACD-422C-AD20-6C034D68C891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.25:rc2:*:*:*:*:*:*",
"matchCriteriaId": "101163D7-D440-43CC-8704-A9614CD8CEE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.25:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F0E4811D-3387-4838-94A0-1BD7F3C9C3D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.25a:*:*:*:*:*:*:*",
"matchCriteriaId": "B69EA9CF-627C-4600-B4EC-10E91DB07E1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.25b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF740A1-0BEC-4E29-9C74-F1F906EF3EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.25c:*:*:*:*:*:*:*",
"matchCriteriaId": "99A8D6D8-A207-498F-8DB2-EB7ED842CE1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "70BB5BA1-F499-40FC-80F6-B3CD2F1BB074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.26a:*:*:*:*:*:*:*",
"matchCriteriaId": "9A973443-C497-41FB-AF47-529AA2906CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "4BEE83D0-8377-49FB-AC7D-3B5E9DB6918B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.27a:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC24403-E706-4073-A04D-53E1B79B59B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "42F2EB0A-249D-4E81-B459-A88AC60A1D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.28a:*:*:*:*:*:*:*",
"matchCriteriaId": "8B3AA114-63C8-4B25-86BA-73C6933EE21F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "EBEA8397-6E23-49FE-9555-39C9599C6362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "023C2353-750A-42FC-AC7E-115627E74AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "F28A8721-CA4A-44E1-B740-0B4610374CF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "D93572BB-7F00-4137-A079-6FE96CD73F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "0F0B13E8-EF18-4A3D-B228-C7FF128D1FD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "9B843321-9A8D-4541-9E54-58E2978E2437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF36A20-3607-43A8-A4CC-169922BC0327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71265E-60C4-4495-8B66-360E96B76FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.37:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DB3DDE-C0F2-485C-B11E-2DD8A91B8CF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AC56F11D-20DE-4399-AED1-DF42C7E62F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE530BB9-A3ED-4EBB-B8E5-86D4CC5A8C7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44746973-3CFD-4808-9545-755E296EFF6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31E4627C-5D19-4599-B304-D0E4D4193170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE162A7-969D-44D5-B9ED-764F20F19C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "28DF45AE-DF03-4321-A019-D3BBC16433B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "64D87AD2-89F2-455F-916E-D404E6BD02C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6218AB51-DE71-40F3-8CBC-AF33586D36EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D02F8427-0DCC-48A9-A04F-939571D511E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E4AEDE0A-B15C-4B0B-AFE9-4F96E5F71429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FC8A9943-6949-4B0A-9864-8B4696704098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1D6FEB-A3C8-41D1-B222-3AD11DB9C4AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4970BB40-085C-4069-B6F1-7E3726F1CFCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4F1E6CDA-36BF-4374-BBDF-B6DD52598AA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FA43C063-EBE1-4C61-9C9E-C84C3A594A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6962B6DA-5D78-4702-9546-216971D03F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "39FAD067-8547-41E7-B1BC-74CC55D58AA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "787C3CBF-5E4E-4727-950A-D99F15327CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D9E86C9-14FE-4C55-A08F-9A0C555260ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4B0684-FDCC-4EE8-AABA-F71204167C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7172A430-F124-4200-88C2-8BE486BA5DDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D0EB9DC7-A196-48ED-893B-733E8CDA961F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27D03508-3D54-4D05-A5BC-6F8641B45C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F235FA61-ECBB-45C8-A48D-FAF12A5E2EC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1B0E09D3-68FA-40C9-A478-53707E5F78BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "66D41850-968D-431D-8075-EE9EFF013408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "873A4A35-2CB0-4D55-B455-19D892776293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "755DA0DD-6DC3-48D9-98D5-9EA2C59CA0B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6680FCFB-CD17-4B4E-B523-A9D969D5F1BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FD90F710-95F0-4AE7-A8C9-0DC5FCA01DD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "254D9460-899D-4D06-AC47-1914A42FC09A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DDCD3046-85BB-40A6-A898-774833033891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C78E2B3A-10C4-4226-A224-8D4AC792B2F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFCF854-E316-442F-A62F-ACC1CA4E9892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "43FE147E-B1D1-4BC2-ACC0-85F39674C064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A63AC0-2B68-46A8-AD96-657C99463E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BD30B7-E182-402B-BE72-6C82DC085872",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4A0C00E2-AD14-46A1-A695-FFE81547303B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC5E48D-95CC-46E9-9491-CA8A5FD9F14E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8C705F9A-BEA3-40F9-AC9D-730F3A704731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B5900E6E-4379-4321-B69D-F9FBD341ACEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E2C56B31-4495-4974-A47F-7D18734C9B5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \\xff\\xff security blob length in a Session Setup AndX request."
},
{
"lang": "es",
"value": "La funci\u00f3n reply_sesssetup_and_X_spnego de sesssetup.c de smbd de Samba anterior a v3.4.8, y v3.5.x anterior a v3.5.2, permite a atacantes remotos provocar una lectura fuera de rango y ocasionar una denegaci\u00f3n de servicio (ca\u00edda del proceso), a trav\u00e9s de una longitud blob -binary large object- de seguridad \\xff\\xff en una solicitud Session Setup AndX."
}
],
"id": "CVE-2010-1642",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-06-17T16:30:01.873",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://git.samba.org/?p=samba.git%3Ba=commit%3Bh=9280051bfba337458722fb157f3082f93cbd9f2b"
},
{
"source": "secalert@redhat.com",
"url": "http://samba.org/samba/history/samba-3.4.8.html"
},
{
"source": "secalert@redhat.com",
"url": "http://samba.org/samba/history/samba-3.5.2.html"
},
{
"source": "secalert@redhat.com",
"url": "http://security-tracker.debian.org/tracker/CVE-2010-1642"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:141"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/40097"
},
{
"source": "secalert@redhat.com",
"url": "http://www.stratsec.net/Research/Advisories/Samba-Multiple-DoS-Vulnerabilities-%28SS-2010-005%29"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2010/1933"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=594921"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.samba.org/show_bug.cgi?id=7254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.samba.org/?p=samba.git%3Ba=commit%3Bh=9280051bfba337458722fb157f3082f93cbd9f2b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://samba.org/samba/history/samba-3.4.8.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://samba.org/samba/history/samba-3.5.2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security-tracker.debian.org/tracker/CVE-2010-1642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/40097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.stratsec.net/Research/Advisories/Samba-Multiple-DoS-Vulnerabilities-%28SS-2010-005%29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/1933"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=594921"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.samba.org/show_bug.cgi?id=7254"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…