CVE-2012-0870

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion.

References

http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB29565

http://lists.apple.com/archives/security-announce/2012/May/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00009.html

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html

http://secunia.com/advisories/48116

http://secunia.com/advisories/48186

http://secunia.com/advisories/48844

http://secunia.com/advisories/48879

http://support.apple.com/kb/HT5281

http://www.ubuntu.com/usn/USN-1374-1

https://bugzilla.redhat.com/show_bug.cgi?id=795509

https://exchange.xforce.ibmcloud.com/vulnerabilities/73361

Details

Source: MITRE

Published: 2012-02-23

Updated: 2018-10-30

Type: CWE-119

Risk Information

CVSS v2

Base Score: 7.9

Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 5.5

Severity: HIGH

Tenable Plugins

View all (14 total)

IDNameProductFamilySeverity
122058Samba < 3.4.0 Remote Code Execution VulnerabilityNessusMisc.
high
9349Samba 3.x < 3.4.0 Buffer OverflowNessus Network MonitorSamba
high
74600openSUSE Security Update : samba (openSUSE-SU-2012:0507-1)NessusSuSE Local Security Checks
critical
68490Oracle Linux 4 / 5 : samba (ELSA-2012-0332)NessusOracle Linux Local Security Checks
high
61276Scientific Linux Security Update : samba on SL5.x i386/x86_64 (20120223)NessusScientific Linux Local Security Checks
high
61275Scientific Linux Security Update : samba on SL4.x i386/x86_64 (20120223)NessusScientific Linux Local Security Checks
high
59675GLSA-201206-22 : Samba: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
59067Mac OS X Multiple Vulnerabilities (Security Update 2012-002) (BEAST)NessusMacOS X Local Security Checks
critical
58767SuSE 11.2 Security Update : Samba (SAT Patch Number 6145)NessusSuSE Local Security Checks
critical
58327Samba 'AndX' Request Heap-Based Buffer OverflowNessusMisc.
critical
58299SuSE 10 Security Update : Samba (ZYPP Patch Number 7985)NessusSuSE Local Security Checks
high
58131Ubuntu 8.04 LTS : samba vulnerability (USN-1374-1)NessusUbuntu Local Security Checks
high
58111RHEL 4 / 5 : samba (RHSA-2012:0332)NessusRed Hat Local Security Checks
high
58109CentOS 4 : samba (CESA-2012:0332)NessusCentOS Local Security Checks
high