CVE-2011-2724 — Improper Input Validation in Samba

CWE-20 — Improper Input Validation10 documents8 sources

Severity

1.2LOWNVD

CNA2.1OSV2.1

EPSS

1.1%

top 21.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samba Cifs-utils Samba

Timeline

PublishedSep 6

Latest updateMay 14

Description

The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547.

CVSS vector

AV:L/AC:H/C:N/I:N/A:PExploitability: 1.9 | Impact: 2.9

Affected Packages3 packages

▶Debiansamba/cifs-utils< 2:5.1-1+3

▶Debiansamba/samba< 2:3.4.7~dfsg-2+3

▶NVDsamba/samba3.5.10+148

Patches

Patch: comments.gmane.org ↗Patch: openwall.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-rv4g-gfv5-499c: The check_mtab function in client/mount↗2022-05-14

▶

OSV

CVE-2011-2724: The check_mtab function in client/mount↗2011-09-06

▶

CVEList

CVE-2011-2724: The check_mtab function in client/mount↗2011-09-06

▶

📋Vendor Advisories

Ubuntu

Samba vulnerabilities↗2011-10-04

▶

Ubuntu

cifs-utils vulnerabilities↗2011-10-04

▶

Red Hat

cifs-utils: mount.cifs incorrect fix for CVE-2010-0547↗2011-07-29

▶

Debian

CVE-2011-2724: cifs-utils - The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3...↗2011

▶

💬Community

Bugzilla

CVE-2011-2724 samba, cifs-utils: mount.cifs incorrect fix for CVE-2010-0547↗2011-07-29

▶

Bugzilla

CVE-2011-2724 samba, cifs-utils (mount.cifs): check_newline returns EX_USAGE on error, not -1 (incomplete fix for CVE-2010-0547) [fedora-all]↗2011-07-29

▶