CVE-2011-1678
published 2011-04-10

Priority: P47, low, 3.3 (CVSS 2.0)
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:N
EPSS: 0.53% (40.8th percentile)

smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

Affected

11 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | cifs-utils | < cifs-utils 2:5.1-1 (bookworm) | cifs-utils 2:5.1-1 (bookworm) |
| debian | samba | < cifs-utils 2:5.1-1 (bookworm) | cifs-utils 2:5.1-1 (bookworm) |
| samba | cifs-utils | >= 0 < 2:5.1-1 | 2:5.1-1 |
| samba | cifs-utils | >= 0 < 2:5.1-1 | 2:5.1-1 |
| samba | cifs-utils | >= 0 < 2:5.1-1 | 2:5.1-1 |
| samba | cifs-utils | >= 0 < 2:5.1-1 | 2:5.1-1 |
| samba | samba | <= 3.5.8 | |
| samba | samba | >= 0 < 2:3.4.7~dfsg-2 | 2:3.4.7~dfsg-2 |
| samba | samba | >= 0 < 2:3.4.7~dfsg-2 | 2:3.4.7~dfsg-2 |
| samba | samba | >= 0 < 2:3.4.7~dfsg-2 | 2:3.4.7~dfsg-2 |
| samba | samba | >= 0 < 2:3.4.7~dfsg-2 | 2:3.4.7~dfsg-2 |

CVSS provenance

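| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 3.3 | LOW | AV:L/AC:M/Au:N/C:P/I:P/A:N |
| osv | | 3.3 | LOW | |
| vendor_debian | | 3.3 | LOW | |
| vendor_redhat | | 3.3 | LOW | |
| vendor_ubuntu | | 3.3 | LOW | |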