Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2011-2724

The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547.

Published

2011-09-06T16:55:10.757

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 1.2 (LOW)

CVSSv2 Vector

AV:L/AC:H/Au:N/C:N/I:N/A:P

Access Vector: LOCAL
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

1.9

Impact Score

2.9

Weaknesses

Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	samba	samba	≤ 3.5.10	Yes
Application	samba	samba	1.9.17	Yes
Application	samba	samba	1.9.17	Yes
Application	samba	samba	1.9.17	Yes
Application	samba	samba	1.9.17	Yes
Application	samba	samba	1.9.17	Yes
Application	samba	samba	1.9.17	Yes
Application	samba	samba	1.9.18	Yes
Application	samba	samba	1.9.18	Yes
Application	samba	samba	1.9.18	Yes
Application	samba	samba	1.9.18	Yes
Application	samba	samba	1.9.18	Yes
Application	samba	samba	1.9.18	Yes
Application	samba	samba	1.9.18	Yes
Application	samba	samba	1.9.18	Yes
Application	samba	samba	1.9.18	Yes
Application	samba	samba	1.9.18	Yes
Application	samba	samba	2.0	Yes
Application	samba	samba	2.0.0	Yes
Application	samba	samba	2.0.1	Yes
Application	samba	samba	2.0.2	Yes
Application	samba	samba	2.0.3	Yes
Application	samba	samba	2.0.4	Yes
Application	samba	samba	2.0.5	Yes
Application	samba	samba	2.0.5	Yes
Application	samba	samba	2.0.5a	Yes
Application	samba	samba	2.0.6	Yes
Application	samba	samba	2.0.7	Yes
Application	samba	samba	2.0.8	Yes
Application	samba	samba	2.0.9	Yes
Application	samba	samba	2.0.10	Yes
Application	samba	samba	2.2	Yes
Application	samba	samba	2.2.0	Yes
Application	samba	samba	2.2.0	Yes
Application	samba	samba	2.2.0a	Yes
Application	samba	samba	2.2.1	Yes
Application	samba	samba	2.2.1	Yes
Application	samba	samba	2.2.1a	Yes
Application	samba	samba	2.2.2	Yes
Application	samba	samba	2.2.3	Yes
Application	samba	samba	2.2.3	Yes
Application	samba	samba	2.2.3a	Yes
Application	samba	samba	2.2.4	Yes
Application	samba	samba	2.2.5	Yes
Application	samba	samba	2.2.6	Yes
Application	samba	samba	2.2.7	Yes
Application	samba	samba	2.2.7	Yes
Application	samba	samba	2.2.7a	Yes
Application	samba	samba	2.2.8	Yes
Application	samba	samba	2.2.8	Yes
Application	samba	samba	2.2.8a	Yes
Application	samba	samba	2.2.9	Yes
Application	samba	samba	2.2.10	Yes
Application	samba	samba	2.2.11	Yes
Application	samba	samba	2.2.12	Yes
Application	samba	samba	2.2a	Yes
Application	samba	samba	2.18.3	Yes
Application	samba	samba	3.0.0	Yes
Application	samba	samba	3.0.1	Yes
Application	samba	samba	3.0.2	Yes
Application	samba	samba	3.0.2	Yes
Application	samba	samba	3.0.2a	Yes
Application	samba	samba	3.0.3	Yes
Application	samba	samba	3.0.4	Yes
Application	samba	samba	3.0.4	Yes
Application	samba	samba	3.0.5	Yes
Application	samba	samba	3.0.6	Yes
Application	samba	samba	3.0.7	Yes
Application	samba	samba	3.0.8	Yes
Application	samba	samba	3.0.9	Yes
Application	samba	samba	3.0.10	Yes
Application	samba	samba	3.0.11	Yes
Application	samba	samba	3.0.12	Yes
Application	samba	samba	3.0.13	Yes
Application	samba	samba	3.0.14	Yes
Application	samba	samba	3.0.14	Yes
Application	samba	samba	3.0.14a	Yes
Application	samba	samba	3.0.15	Yes
Application	samba	samba	3.0.16	Yes
Application	samba	samba	3.0.17	Yes
Application	samba	samba	3.0.18	Yes
Application	samba	samba	3.0.19	Yes
Application	samba	samba	3.0.20	Yes
Application	samba	samba	3.0.20	Yes
Application	samba	samba	3.0.20	Yes
Application	samba	samba	3.0.20a	Yes
Application	samba	samba	3.0.20b	Yes
Application	samba	samba	3.0.21	Yes
Application	samba	samba	3.0.21	Yes
Application	samba	samba	3.0.21	Yes
Application	samba	samba	3.0.21	Yes
Application	samba	samba	3.0.21a	Yes
Application	samba	samba	3.0.21b	Yes
Application	samba	samba	3.0.21c	Yes
Application	samba	samba	3.0.22	Yes
Application	samba	samba	3.0.23	Yes
Application	samba	samba	3.0.23	Yes
Application	samba	samba	3.0.23	Yes
Application	samba	samba	3.0.23	Yes
Application	samba	samba	3.0.23	Yes
Application	samba	samba	3.0.23a	Yes
Application	samba	samba	3.0.23b	Yes
Application	samba	samba	3.0.23c	Yes
Application	samba	samba	3.0.23d	Yes
Application	samba	samba	3.0.24	Yes
Application	samba	samba	3.0.25	Yes
Application	samba	samba	3.0.25	Yes
Application	samba	samba	3.0.25	Yes
Application	samba	samba	3.0.25	Yes
Application	samba	samba	3.0.25	Yes
Application	samba	samba	3.0.25	Yes
Application	samba	samba	3.0.25	Yes
Application	samba	samba	3.0.25	Yes
Application	samba	samba	3.0.25	Yes
Application	samba	samba	3.0.25a	Yes
Application	samba	samba	3.0.25b	Yes
Application	samba	samba	3.0.25c	Yes
Application	samba	samba	3.0.26	Yes
Application	samba	samba	3.0.26	Yes
Application	samba	samba	3.0.26a	Yes
Application	samba	samba	3.0.27	Yes
Application	samba	samba	3.0.27	Yes
Application	samba	samba	3.0.28	Yes
Application	samba	samba	3.0.28	Yes
Application	samba	samba	3.0.29	Yes
Application	samba	samba	3.0.30	Yes
Application	samba	samba	3.0.31	Yes
Application	samba	samba	3.0.32	Yes
Application	samba	samba	3.0.33	Yes
Application	samba	samba	3.0.34	Yes
Application	samba	samba	3.0.35	Yes
Application	samba	samba	3.0.36	Yes
Application	samba	samba	3.0.37	Yes
Application	samba	samba	3.1.0	Yes
Application	samba	samba	3.2.0	Yes
Application	samba	samba	3.2.1	Yes
Application	samba	samba	3.2.2	Yes
Application	samba	samba	3.2.3	Yes
Application	samba	samba	3.2.4	Yes
Application	samba	samba	3.2.5	Yes
Application	samba	samba	3.2.6	Yes
Application	samba	samba	3.2.7	Yes
Application	samba	samba	3.2.8	Yes
Application	samba	samba	3.2.9	Yes
Application	samba	samba	3.2.10	Yes
Application	samba	samba	3.2.11	Yes
Application	samba	samba	3.2.12	Yes
Application	samba	samba	3.2.13	Yes
Application	samba	samba	3.2.14	Yes
Application	samba	samba	3.2.15	Yes
Application	samba	samba	3.3.0	Yes
Application	samba	samba	3.3.1	Yes
Application	samba	samba	3.3.2	Yes
Application	samba	samba	3.3.3	Yes
Application	samba	samba	3.3.4	Yes
Application	samba	samba	3.3.5	Yes
Application	samba	samba	3.3.6	Yes
Application	samba	samba	3.3.7	Yes
Application	samba	samba	3.3.8	Yes
Application	samba	samba	3.3.9	Yes
Application	samba	samba	3.3.10	Yes
Application	samba	samba	3.3.11	Yes
Application	samba	samba	3.3.12	Yes
Application	samba	samba	3.3.13	Yes
Application	samba	samba	3.3.14	Yes
Application	samba	samba	3.3.15	Yes
Application	samba	samba	3.3.16	Yes
Application	samba	samba	3.4.0	Yes
Application	samba	samba	3.4.1	Yes
Application	samba	samba	3.4.2	Yes
Application	samba	samba	3.4.3	Yes
Application	samba	samba	3.4.4	Yes
Application	samba	samba	3.4.5	Yes
Application	samba	samba	3.4.6	Yes
Application	samba	samba	3.4.7	Yes
Application	samba	samba	3.4.8	Yes
Application	samba	samba	3.4.9	Yes
Application	samba	samba	3.4.10	Yes
Application	samba	samba	3.4.11	Yes
Application	samba	samba	3.4.12	Yes
Application	samba	samba	3.4.13	Yes
Application	samba	samba	3.4.14	Yes
Application	samba	samba	3.5.0	Yes
Application	samba	samba	3.5.1	Yes
Application	samba	samba	3.5.2	Yes
Application	samba	samba	3.5.3	Yes
Application	samba	samba	3.5.4	Yes
Application	samba	samba	3.5.5	Yes
Application	samba	samba	3.5.6	Yes
Application	samba	samba	3.5.7	Yes
Application	samba	samba	3.5.8	Yes
Application	samba	samba	3.5.9	Yes

References

http://comments.gmane.org/gmane.linux.kernel.cifs/3827 Patch ([email protected])
http://git.samba.org/?p=cifs-utils.git%3Ba=commit%3Bh=1e7a32924b22d1f786b6f490ce8590656f578f91 ([email protected])
http://openwall.com/lists/oss-security/2011/07/29/9 Patch ([email protected])
http://secunia.com/advisories/45798 Vendor Advisory ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2011:148 ([email protected])
http://www.redhat.com/support/errata/RHSA-2011-1220.html Vendor Advisory ([email protected])
http://www.redhat.com/support/errata/RHSA-2011-1221.html Vendor Advisory ([email protected])
http://www.securitytracker.com/id?1025984 ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=726691 Patch ([email protected])
http://comments.gmane.org/gmane.linux.kernel.cifs/3827 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://git.samba.org/?p=cifs-utils.git%3Ba=commit%3Bh=1e7a32924b22d1f786b6f490ce8590656f578f91 (af854a3a-2127-422b-91ae-364da2661108)
http://openwall.com/lists/oss-security/2011/07/29/9 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/45798 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2011:148 (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2011-1220.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2011-1221.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1025984 (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=726691 Patch (af854a3a-2127-422b-91ae-364da2661108)