CVE-2012-0870 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Samba

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-674 — Uncontrolled Recursion7 documents7 sources

Severity

7.9HIGHNVD

EPSS

46.9%

top 2.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samba Debian Samba RIM Blackberry Playbook OS

Timeline

PublishedFeb 23

Latest updateMay 14

Description

Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion.

CVSS vector

AV:A/AC:M/C:C/I:C/A:CExploitability: 5.5 | Impact: 10.0

Affected Packages4 packages

▶NVDrim/blackberry_playbook_os2.0+9

▶debiandebian/samba< samba 2:3.4.0~pre1-1 (bookworm)

▶Debiansamba/samba< 2:3.4.0~pre1-1+3

▶NVDsamba/samba3.0.0

Patches

Patch: btsc.webapps.blackberry.com ↗Patch: bugzilla.redhat.com ↗Patch: btsc.webapps.blackberry.com ↗

🔴Vulnerability Details

GHSA

GHSA-h6wh-2qjc-xjwm: Heap-based buffer overflow in process↗2022-05-14

▶

OSV

CVE-2012-0870: Heap-based buffer overflow in process↗2012-02-23

▶

📋Vendor Advisories

Ubuntu

Samba vulnerability↗2012-02-24

▶

Red Hat

samba: Any Batched ("AndX") request processing infinite recursion and heap-based buffer overflow↗2012-02-21

▶

Debian

CVE-2012-0870: samba - Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the fil...↗2012

▶

💬Community

Bugzilla

CVE-2012-0870 samba: Any Batched ("AndX") request processing infinite recursion and heap-based buffer overflow↗2012-02-20

▶